Making  security  second  nature 

We  preview  The  Security  Standard  conference  with  the 
second  in  a  four-part  series  on  the  toughest  security 
issues  facing  the  enterprise.  PAGE  19. 


Storage  Buyer’s  Guide  LIVE 

If  you’re  in  the  market  for  anything  from  a  storage  array  to  a  director 
SAN  switch,  delve  into  the  details  of  close  to  200  products  from  15  mar¬ 
ket  segments  in  this  brand-new  Buyers  Guide,  www.nwdocfinder.com/4641 
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Middle  of  nowhere 

The  burden  of  the  Midwestern  network  start-up: 
"How  good  can  the  software  be  if  it’s  made  here?” 

BY  CAROLYN  DUFFY  MARSAN 

lyria,  Ohio,  population 
56,000,  has  a  history  of 
innovation:The  padded 
bicycle  seat,  colored  golf  ball 
and  rubber  heel  were  invented 
here.  Now  this  Rust  Belt  city  10 
miles  west  of  Cleveland  is  home 
to  a  software  company  that  is 
among  a  handful  of  Midwestern 
start-ups  that  have  attracted  ven¬ 
ture  capital  financing  this  year. 

Banyan  Technology,  which  markets  a  Web-based  logistics  ser¬ 
vice  to  the  trucking  industry  received  $350,000  from  Ohio  ven¬ 
ture  fund  JumpStart.  Doing  business  out  of  a  development  cen¬ 
ter  at  Lorain  County  Community  College,  Banyan  has  more  than 
40  customers  and  nine  employees.  (The  company  is  no  relation 
to  the  defunct  manufacturer  of  the  Banyan  Vines  network  oper¬ 
ating  system.) 

“Even  in  our  dealings  with  companies  in  Cleveland,  Elyria  is 
perceived  as  way  out  in  the  sticks,  although  it’s  just  30  minutes 

See  Midwest,  page  16 


COLIN  JOHNSON 


Vista  testers  fuming 
as  beta  judged  lacking 


Another  delay  may  be  in 
the  cards  for  Microsoft 
operating  system. 

BY  JOHN  FONTANA 

What  began  as  a  murmur  a  few  months  back  is 
turning  into  an  audible  grumble,  as  beta  testers  and 
experts  question  the  stability  of  the  latest  Windows 
Vista  beta  and  Microsoft  itself  hints  at  yet  another 
release  delay. 

Testers  and  pundits  alike  say  Vista  Beta  2,  released 
publicly  in  June,  is  plagued  by  bugs  and  blue 
screens. Some  testers  are  saying  a  Beta  3  cycle, which 
is  not  planned,  may  be  needed  and  that  the  software 
isn’t  ready  for  final  testing  before  shipment,  which 
Microsoft  calls  Release  Candidate  1  (RC1). 

Microsoft  said  two  weeks  ago  that  RC1  of  Vista 
would  ship  before  the  end  of  September. 

The  final  release  of  Vista  for  corporate  customers 
now  is  targeted  for  November.  Microsoft’s  Kevin  John¬ 
son,  the  co-president  of  the  platform  and  services 


division,  told  financial  analysts  in  late  July  however, 
that  while  Vista  is  on  schedule  the  code  would  not 
ship  until  it  was  ready 

With  the  current  timeline,  Microsoft  would  have  a 
bit  more  than  a  month  to  collect  and  incorporate 
testers’  feedback  from  RC1  and  finalize  the  code  be¬ 
fore  shipment. 

“I  have  been  testing  Microsoft  operating  systems 
since  Windows  95,  and  this  is  the  buggiest  OS  I’ve 
seen  this  late  in  development,”  says  Joe  Wilcox,  an 
analyst  with  Jupiter  Research.  “Look  at  the  older 
operating  systems,  and  by  Beta  2  there  is  a  stable 
foundation  on  which  the  [independent  software 
vendors]  can  build.  Right  now, Vista  is  like  a  ship  on 
stormy  seas.” 

One  ISV  that  asked  not  to  be  named  says  a  private 
beta  it  is  working  with  that  shipped  after  Vista  Beta  2 
is  more  stable  but  is  still  a  memory  hog.“The  memory 
consumption  has  been  reduced  from  a  gig  to 
700MB,  which  is  about  three  times  what  XP  requires. 
It  is  probably  going  to  come  down,  but  it  is  a  big 
beast,”  the  ISV  says. 

See  Vista,  page  48 


Flexible  licensing  plans  gain  momentum 


BY  ANN  BEDNARZ 

Bentley  Software  is  going 
against  the  grain  with  a  new 
licensing  program  that  lets  cus¬ 
tomers  turn  in  user  licenses  they 
don’t  want  anymore  in  exchange 


for  seats  of  a  different  product  in 
Bentley’s  portfolio  of  architecture, 
engineering  and  construction 
software. 

For  Architects  Design  Partner¬ 
ship,  that  means  instead  of  writing 


off  its  investment  in  print  manage¬ 
ment  software  that’s  not  being 
used,  the  firm  can  get  a  credit  for 
the  licenses  —  based  on  current 
list  prices  —  and  use  it  to  buy 
seats  of  Bentley’s  latest  architec¬ 
tural  design  and  documentation 
software. 

“That’s  something  I’m  definitely 
going  to  take  advantage  of,”  says 
Marc  Thomas,  IT  director  at  Archi¬ 
tects  Design  Partnership  in  Lon¬ 
don.  “We  have  a  piece  of  software 
called  Digital  InterPlot  that  doesn’t 
fit  in  with  our  needs,  so  I’m  plan¬ 
ning  to  trade  that  in,  probably  for 
See  Licensing,  page  14 
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CLEAR  CHOICE  TEST 


The  latest  batch  of  MIMO- 
and  "draft  n”-based  wireless 
LAN  gear  blazes  close  to 
100Mbps,  but  interoperability 
remains  an  issue.  See  where 
the  technology  is  heading 
and  MIMO's  implications  on 
the  enterprise.  Pgg0 
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_THE  INVASION 

_DAY  13:  These  underpowered  boxes  are  killing  us.  They  can’t 
handle  the  workloads.  They  can’t  handle  the  transactions . 

They  can’t  handle  the  growing  number  of  users.  And  I  for  sure 
can’t  handle  the  costs. 

_l’m  putting  all  this  junk  out  where  it  belongs  and  buying 
some  real  servers. 

_DAY  15:  I’ve  taken  back  control  by  moving  to  the  IBM  System  p™ 
platform.  It’s  number  one  in  over  70  leading  benchmarks.1 
Take  transaction  processing  for  instance  —  the  System  p5  570 
processes  three  times  as  many  transactions  per  minute  as  the 
HP  rx8620!  And  its  price/performance  is  better.2  It’s  all  I 
ever  wanted  in  a  UNIX®  server. 

_As  for  the  old  servers,  well... they  kept  crashing. 

Into  the  ground. 


IBM.C0M/TAKEBACKC0NTR0L/p5 
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Dual-Core  Intel®  XeonK  Processor  Die 
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(IF  THE  NEW  DUAL-CORE  INTEL®  XEON®  PROCESSOR  WERE  AN  ATHLETE, 
WE'D  BE  LOOKING  AT  SOME  SERIOUS  ENDORSEMENT  DEALS.) 


INTRODUCING  THE  DUAL-CORE  INTEL®  XEON®  PROCESSOR  FOR  SERVERS. 

Up  to  80%  more  performance  per  watt  than  the  competition*  20  leading  performance  benchmarks. 

.Up  to  60%  faster  with  significantly  lower  energy  consumption  than  the  competition.  All  that 
and  the  best  two-way  platform  for  virtualization.  Intel®  Core™  Microarchitecture.  It's  the  future.  Xeon 
Learn  more  at  intel.com/xeon 

using  SPECint ‘ crBtoJtaseiJOOO  and  5PEDiirjatej^sc200(VSysWstt.  comparing  a  Doal-Coie  Intel'  Xeon*  piocessor  5160-hased  ptottcsm  to  an  AMI)  Opinion*  processor  model  t>,ise<?  P‘a,,° 
’trftijclnnanoe- also  ntt&surgd  by  othei  leading  performance  benchmarks  and  compared  to  leading  published  competitive  results  Actual  performance  may  vary.  See  http//wwwintelcom/xeon  or  more  m  oimati 
'  Iftfel  Cmpcjatiorv  Intel,  tlie  Intel  logo.  Xeon.  Xeon  inside.  Intel  Leap  ahead  and  the  Intel  Leap  ahead,  logo  aie  .trademarks  or  registered  tiademaiks  ol  Intel  Corporation  or  its  suOsidianes  m  the  united  dates  and  ot 
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8  NAC,  VoIP  security  questioned  at  Black  Hat. 

8  Sybase  previews  data  integration  suite. 

10  Conference  agenda  indicative  of  a  maturing  Linux. 

10  Array  gear  protects  healthcare  provider. 

12  Vodafone  staying  in  Verizon  Wireless. 

12  Mainframe  storage  system  addresses  disaster  recovery, 
compliance. 

48  Vista  flaws  exposed  at  Black  Hat. 
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19  Making  corporate  security 
second  nature. 

20  Kevin  Tolly:  Network  infra¬ 
structure  for  the  long  run. 

20  Start-up  releases  NAC  device 
for  Windows  desktop. 

Enterprise  Computing 

22  Centeris  eyes  Windows/Linux 
simplicity. 

Application  Services 

23  Outsourcing  gets  homey. 

24  Scott  Bradner:  How  to  shrink 
a  wide  digital  divide? 

24  Microsoft  takes  step  toward 
management  standard. 

26  SPECIAL  FOCUS:  Microsoft’s 
services  picture  becoming  dear. 

Service  Providers 

27  AT&T  looks  to  extend  SBC's 
hold  on  SMBs. 

27  Johna  Till  Johnson:  Enterpise 
privacy  strategies,  tactics. 


29  Data  reduction  speeds  WAN. 

29  Steve  Blass:  Ask  Dr.  Internet. 

30  Mark  Gibbs:  More  GPS. 

30  Keith  Shaw:  Cool  tools,  gizmos 
and  other  neat  stuff. 


Opinions 

32  On  Technology:  It’s  better  than 
the  Energizer  bunny. 

33  Chuck  Yoke:  The  ’me’  in  team, 
and  what  it  means. 

33  Thomas  Nolle:  What's  behind 
the  slowing  of  IT  job  losses? 

50  BackSpin:  Updating  CAN  SPAM. 
50  ’Net  Buzz:  10  IT  brand  names 
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Autumn  Bayles’ 
ERP  experience 
landed  her  a  job 
as  CIO  at  Tasty 
Baking. 


Management  & 
Careers 

43  Technology-to-business  trans¬ 
formations:  The  right  skills  can  help 
you  make  the  move  from  IT  to  a 
different  department. 


COOL  TOOLS 

The  Fujitsu  Lifebook 
Q2010  is  sleek,  stylish  and 
uitraportable. 

Page  30 


Wireless  LANs 

MIMO-based  WLAN  gear 
gets  close  to  100Mbps, 
with  Asus  coming  out 
on  top  in  our 
comparative  tests. 

Page  35. 

The  Linksys  WRT300N 
MIMO-based  router  also 
performed  well  in  our 
tests. 


Network  management  security 

Cymphonix  DC30X  monitors  users  and  traffic,  but  hits  a  few 
bumps  along  the  way  Page  40. 


Instant 

messaging 

Jabber’s  JabberNow 
instant  messaging  appli¬ 
ance  lets  businesses  set  up 
an  IM  network  quickly  and 
easily.  Page  42. 

The  JabberNow  IM 
appliance  is  small  enough 
to  sit  on  a  shelf. 
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Storage  Buyer's  Guide  LIVE 

If  you're  in  the  market  for  any¬ 
thing  from  a  tape  library  or  an 
online  backup  service,  to  a  com¬ 
plete,  drop-it-in-place  storage- 
area  network  solution,  check  out 
this  Buyer's  Guide  with  close  to 
200  products  divided  among  spe¬ 
cific  storage  market  segments. 
DocFinder:  4641 

Testing  MIMO  gear 

Cool  Tools  Editor  Keith  Shaw  and 
columnist  Craig  Mathias  go  inside 
our  testing  of  multiple-input  multi- 

Online  help  and  advice 


ple-output/pre-N  router  technol¬ 
ogy.  See  how  the  tests  were  done 
and  what  methods  were  used  to 
get  the  more  accurate  results. 

DocFinder:  4642 

Hot  Seat:  Detecting  abnormalities 
in  the  network 

American  Water  discovered  and 
quarantined  a  worm  using  Arbor 
Networks'  product  set,  saving  SI 
million  in  the  process.  Jack  Boyle, 
CEO  of  Arbor,  explains  how  on  this 
week's  Network  World  Hot  Seat. 
DocFinder:  4643 


Getting  TiVo  to  work  with  WPA 

Help  desk  guru  Ron  Nutter  helps  a 
user  get  a  TiVo  digital  video 
recorder  hooked  up  to  a  secured 
wireless  LAN.  DocFinder:  4645 

Faster  and  less  expensive 

New  Gigabit  Ethernet  equipment  is 
priced  below  S30,  and  low-cost, 
high-performance  chips  mean  good 
deals  for  consumers,  says  Lab 
Alliance  member  James  Gaskin. 
DocFinder:  4646 

The  patch  robbers 

Do  you  think  it's  a  coincidence  that 


major  Microsoft  Office  vulnerabili¬ 
ties  with  exploit  code  have 
appeared  within  a  day  of  Patch 
Tuesday?  Columnist  Mike  Rothman 
doesn't. 

DocFinder:  4647 

Voice  over  Wi-Fi  taking  off  like  a 
rocket 

Just  how  hot  is  voice  over  wireless 
LANs?  It's  so  hot  that  Infonetics 
Research  is  projecting  the  world¬ 
wide  market  for  Wi-Fi  phones  to 
more  than  double  every  year 
through  2009. 

DocFinder:  4648 
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Doad  map  event 

Don't  miss  out  on  this  full  day  of  seven  fast  tracks  at  IT  Road  map:  Dallas 
—  the  all-in-one-day  event  in  which  40  enterprise  all-stars,  analysts  and 
vendors  provide  new  technology,  smart  solutions  and  on-point  expertise. 
Qualify  to  attend  free  in  Dallas  (Sept.  13)  and  the  Bay  Area. 

DocFinder:  4650 


BREAKING  NEWS 

Go  online  for  breaking  news  every  day.  DocFinder:  1001 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder:  1002 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resources 
online.  Simply  enter  the  four-digit  DocFinder  number  in 
the  search  box  on  the  home  page,  and  you’ll  jump  directly 
to  the  requested  information. 
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Busy  ‘Patch  Tuesday'  for  Microsoft 

M  August  will  be  another  substantial  patch  month  for  Microsoft,  with  the  vendor 
set  to  release  12  security  bulletins  Tuesday  to  fix  holes  in  its  Windows  operating 
system  and  the  Office  productivity  suite.Ten  patches  will  affect  Windows,  with  at 
least  one  rated  critical.  The  other  two  security  updates,  at  least  one  of  which  also 


TheGoodTheBadTheUgly 

Goodbye  telecom  tax.  Carriers  last  week  were 
required  to  stop  collecting  a  108-year-old  telephone  excise  tax  after 
the  Internal  Revenue  Service  decided  in  May  to  stop  fighting  to  keep 
the  tax.  Verizon  last  week  stopped  collecting  the  3%  federal  excise  tax 
on  long-distance  wireline  telephone  services.  The  company  stopped  col¬ 
lecting  the  tax  on  wireless  services  June  1. 


is  rated  critical,  affect  Office.  Critical  flaws  can  be  exploited  by  attackers  to  run 
unauthorized  code  on  a  PC  without  any  user  action.The  patches,  some  of  which 
will  require  a  restart,  will  be  released  on  Aug.  15  as  part  of  Microsoft’s  regularly 
scheduled  monthly  security  update,  which  security  researchers  call  Patch 
Tuesday  Also  on  Tuesday,  Microsoft  is  expected  to  release  an  updated  versiom 
of  its  Windows  Malicious  Software  Removal  Tool  on  Windows  Update, 

Microsoft  Update,  Windows  Server  Update  Services  and  Download  Center^ 

The  company  also  plans  to  release  two  non-security  high-priority  updates 
for  Windows  on  Windows  Update  and  Software  Update  Services. 


Wireless  holes.  Intel  has  issued  patches  for  three  vulnera¬ 
bilities  in  its  wireless  hardware  and  software.  Two  problems  affect  cer¬ 
tain  versions  of  its  Pro/Wireless  Network  Connection  Hardware,  part 
of  its  Centrino  mobile  platform.  The  vulnerabilities  lie  in  drivers  from 
Microsoft,  Intel  said.  The  flaws  could  let  an  attacker  near  a  Wi-Fi  sta¬ 
tion  run  unauthorized  code  on  a  victim's  machine 
or  gain  kernel-level  privileges.  A  third  vulnerability 
affects  Intel's  Proset/Wireless  Software. 

:  Vegas  will  never  be  the 

Same.  Las  Vegas  probably  can  han¬ 
dle  just  about  anything,  but  it  might 
finally  meet  its  match  this  month,  as 
back-to-back  hacker  conventions  visit 
town.  Black  Hat  started  early  last  week, 
followed  by  DEFCON,  which  was  held  this 
past  weekend. 


H  Z.  J°NES 


FGG  OKs  broadband  via  power  lines 

■  The  FCC  has  rejected  requests  by  several  groups, 
including  amateur  radio  operators,  TV  broadcasters 
and  aeronautical  companies,  to  limit  severely  or  ban 
completely  broadband  services  over  power  lines 
because  of  radio  interference  issues.  In  a  Memoran¬ 
dum  Opinion  and  Order  adopted  last  week,  the  FCC 
affirmed  the  right  of  BPL  operators  to  provide  com¬ 
munications  services  over  power  transmission  lines 
provided  their  services  don’t  interfere  with  existing 
radio  services. The  decision  follows  a  number  of  peti¬ 
tions  by  groups  —  ham  radio  operators  in  particular 
—  that  have  complained  about  radio  interference 
caused  by  new  BPL  services  and  have  requested  new 
rules.  While  standing  by  its  previous  decision  to  sup¬ 
port  BPL,  the  FCC  said  it  remains  committed  to 
addressing  all  interference  issues.  In  that  context,  the 
commission  announced  provisions  to  protect  some 
aeronautical  stations  and  radio  astronomy  sites  from 
interference. 

Cingular  to  charge  for  use  of  old  net 

■  Cingular  Wireless  will  start  charging  millions  of 
legacy  customers  $5  per  month  in  September  for 
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“Right  now,  we  don’t  know  of 
any  benefits  of  IPv6”  that  will 
help  SSA  in  its  mission.  “Once 
IPv6  applications  become  avail¬ 
able,  it’s  possible  that  we  can 
do  agency  business  in  less  time 
or  more  efficiently  because  of 
IPv6.” 


Rich  Terzigni,  senior  network  advisor,  Social  Security 
Administration,  which  has  been  working  with  IPv6  for  five  years. 

See  story  at  www.nwdocfmder.com/4651. 


using  the  service  provider’s  old  networks.  The 
majority  of  Cingular’s  customers  use  its  GSM  net¬ 
work,  but  8%  of  the  carrier’s  customers  are  on  its 
Time  Division  Multiple  Access  and  analog  net- 


“Surf's  up!  Wait,  now  the 
surf’s  up!  OK,  the  surf 
will  be  up  early  next 
year!  Really  ” 

It’s  always  a  tough  go  when  it's  a 
Microsoft-related  photo,  and  this 
week  was  no  exception.  Liam  Dolan 
of  Cincinnati  came  out  on  top,  beat¬ 
ing  a  fun  field  of  entrants,  www.net 
workworld.com/weblogs/layer8 


works.  The  carrier  says  the  cost  to  support  these 
customers  is  rising  because  the  majority  of  traffic 
traverses  its  GSM  network.“It’s  an  issue  of  cost,” says 
Mark  Segal,  spokesman  at  Cingular.  “That’s  it  pure 
and  simple.  We  have  about  92%  of  our  57.3  million 
subscribers  on  the  GSM  network.”With  only  4.6  mil¬ 
lion  customers  on  Cingular’s  TDMA  and  analog  net¬ 
works,  the  carrier  says  it  has  to  recover  the  cost  of 
supporting  those  customers.  Analysts  at  consulting 
firm  TowerGroup  recommend  business  customers 
use  this  event  as  an  open  door  to  consolidate  wire¬ 
less  plans.  Customers  should  be  able  to  lower  over¬ 
all  monthly  costs  and  negotiate  free  phone 
upgrades,  the  group  says. 

D0J  tries  anew  to  squelch  AT&T  suit 

■  The  Department  of  Justice  has  filed  a  new  motion 
to  dismiss  a  lawsuit  over  AT&T’s  alleged  participation 
in  a  government-sponsored  wiretapping  program. 
The  Justice  Department  filed  a  new  petition  last 
Monday,  1 1  days  after  Judge  Vaughn  R.  Walker  of  the 
U.S.  District  Court  for  the  Northern  District  of 
California  denied  the  government’s  motion  for  dis¬ 
missal  or  summary  judgment.  In  the  case,  the 
Electronic  Frontier  Foundation  civil  liberties  group 
accuses  AT&T  of  participating  in  an  allegedly  illegal 
wiretapping  program  created  by  the  National 
Security  Agency  The  Justice  Department,  in  the  new 
petition  to  an  appeals  court,  argues  Walker  took  the 
“highly  unusual  action”  of  ignoring  the  government’s 
claim  that  the  case  involves  state  secrets.  The  judge 
“has  thereby  placed  at  risk  particularly  sensitive 
national  security  interests,”  wrote  Justice  Department 
lawyers. 
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You  can't  know  when  the  unexpected  will  happen 

(But  you  can  know  your  data  is  ready  for  it.) 

HP  ProLiant  DL360  G4p 
Rack-mount  Server 


The  Storage  Solutions  You  Need  When  You  Really  Need  Them. 

From  viruses  to  natural  disasters,  there  are  many  things  that  put  your  data  at  risk.  When 
the  worst  happens,  it's  essential  to  have  a  disaster  recovery  plan  in  place.  That  way  your 
information,  and  your  business,  are  protected.  CDW  has  a  wide  variety  of  disaster  recovery 
technology.  And  we  have  the  expertise  to  answer  questions  and  get  you  a  solution  that  fits 
your  needs.  So  call  today.  Because  no  plan  is  complete  without  a  backup  plan. 


HP  Smart  Buy  instant  savings  reflected  in  advertised  price,  HP  Smart  Buy  instant  savings  is  based  on  a  comparison  of  the  HP  Smart  Buy  price  versus  the  standard  list 
price  of  an  identical  product;  savings  may  vary  based  on  channel  and/or  direct  standard  pricing.  Assumes  2:1  compression.  Intel,  Intel  Logo,  Intel  Inside,  Intel  Inside 
logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  the  United  States  and  other  countries.  Offer  subject 
to  COW's  standard  terms  and  conditions  of  sale,  available  at  CDW.com.  ©  2006  CDW  Corporation. 


The  Right  Technology.  Right  Away. 


CDW.com  •  800.399.4CDW 

In  Canada,  call  888.898.CDWC  •  CDW.ca 
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SMART  BUY  - 
$795  INSTANT 
SAVINGS' 


•  Intel1  Xeon”  Processor  (3GHz) 

•  Memory:  2GB  std.,  12GB  max. 

•  533MHz  Front  Side  Bus 

•  2  SCSI  or  SATA  hard  drive  bays 

•  Integrated  Lights-Out  (iLO)  Management 


Quantum  SuperLoader™  3 

•  8-slot,  Ultrium  LTO-3  autoloader 

•  Storage  capacity:  up  to  3.2TB  native/  6.4TB  compressed' 

•  Data  transfer  rate:  up  to  245GB  per  hour  native/  490GB 
per  hour  compressed' 


Quantum 


S5155.99  CDW  858933 


ProCurve  Switch  5406zl-48G 
PWR  Intelligent  Edge 

•  Provides  investment  protection,  flexibility  and  scalability 

•  Offers  ease  of  deployment  and  maintenance  for  growing  networks 
with  integrated  PoE  on  all  ports 


$5523.99  CDW  935401 
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NAC,  VoIP  security  draw  questions 

Jericho  Forum  of  enterprise  customers  to  issue  white  paper  on  network  access  control  concerns. 


“NAC  as  it  stands  today 
won’t  scaled 

Paul  Simmonds,  chief  information  security  offi¬ 
cer  at  ICI  and  a  member  of  the  Jericho  Forum 


BY  ELLEN  MESSMER 

LAS  VEGAS  —  At  the  Black  Hat 
conference  last  week,  security 
researchers  drew  attention  to 
shortcomings  in  network  access 
control  and  VoIP  products,  voic¬ 
ing  criticisms  that  rang  true  to 
some  enterprise  network  cus¬ 
tomers. 

The  range  of  NAC  products  on 
the  market  today  to  enforce  end¬ 
point  security  policy  have  funda¬ 
mental  design  weaknesses  that 
would  let  attackers  bypass  them 
through  spoofing,  inserting  rogue 
servers  and  other  methods,  said 
Ofir  Arkin,  CTO  at  Insightix,  dur¬ 
ing  his  presentation  at  the  con¬ 
ference. 

A  NAC  product  “must  be  able  to 
detect  a  new  element  connect¬ 
ing  to  the  network  and  have  the 
ability  to  verify  whether  or  not  it 
complies  with  a  defined  security 
policy  said  Arkin,  who  catego¬ 
rized  the  NAC  products  today  as 


I  Read  more  from  the  Black 
Hat  conference  about  the 
flaws  in  Microsoft  Vista. 
Page  48. 


agent-based  DHCP  proxy,  broad¬ 
cast  listeners  that  use  remote 
scans  to  identify  network  devices 
and  802.1X-based  clients. 

While  mentioning  only  Cisco 
and  Symantec  NAC  products  by 
name,  he  detailed  various  attacks 
based  on  masquerading  and 
spoofing  that  could  foil  detection 
across  a  wide  range  of  products. 
He  also  noted  that  most  products 
rely  on  agent  software  running 
on  Windows  or  on  proprietary 
switches  and  other  equipment, 
which  makes  NAC  hard  to  deploy 
in  large  organizations  and 
incomplete  in  terms  of  moni¬ 
tored  devices. 

Arkin  questioned  the  idea  of 
quarantining  computers  that  fail 
security  checks.  “If  I  need  to 
understand  how  elements  are 
vulnerable,  then  I  would  attack 
the  quarantined  network.  I  will 
put  something  on  them  that  no 
one  knows  about.  They  may  be 
remediated, but  I’ll  control  them,” 
he  said,  by  way  of  example. 

NAC  endpoint  security  also  is 
viewed  with  a  dim  eye  at  the 
Jericho  Forum,  a  global  organiza¬ 
tion  of  more  than  100  enterprises 
sharing  ideas  on  new  methods 


for  e-commerce  without  tradi¬ 
tional  firewalls. 

Paul  Simmonds,  chief  informa¬ 
tion  security  officer  at  ICI  and  a 
member  of  the  forum,  said  the 
organization  plans  to  release  a 
white  paper  critical  of  NAC  with¬ 
in  a  few  weeks.  Simmonds  was  at 
Black  Hat  to  encourage  IT  devel¬ 
opers  to  build  products  based  on 
the  Jericho  Forum’s  ideals  of  “de- 
perimeterization,”  allowing  e- 
commerce  application  security 
without  relying  on  proxies  and 
firewalls. 

“NAC  as  it  stands  today  won’t 
scale,”  Simmonds  said.  The  fun¬ 
damental  problem  with  the 
Cisco  approach  to  NAC,  for  ex¬ 
ample,  is  “there’s  a  lot  of  legacy 
equipment  that  won’t  support  it, 
so  if  I  have  a  switch  that  is  un¬ 


managed,  I  have  to  replace  it.”  He 
added  that  the  lack  of  NAC  client 
software  in  general  for  other 
than  Windows  makes  it  incom¬ 
plete.  “Where’s  the  VoIP  phone 
that  has  a  NAC?” 

While  Cisco  didn’t  argue  the 
relative  merits  of  Arkin’s  presen¬ 
tation,  an  official  said  Cisco  has 
seen  growth  in  the  number  of 
customers  deploying  NAC,  with 
more  than  300  using  it  for  end¬ 
point  protection. 

Patrick  Wheeler,  senior  product 
manager  for  Symantec  NAC,  the 
re-named  Sygate  product 
acquired  by  Symantec,  said  he 
didn’t  challenge  Arkin’s  basic 
premise  on  DHCP-based  NAC. 
“But  he  didn’t  really  identify  vul¬ 
nerabilities  in  our  NAC  product,” 
Wheeler  said.  Arkin’s  observa¬ 


Sybase  previews  data  integration  suite 


BY  ANN  BEDNARZ 

Sybase  this  week  is  expected  to  take  the 
wraps  off  a  new  suite  of  tools  aimed  at  helping 
companies  combine  data  from  heteroge¬ 
neous  sources. 

At  its  user  conference  in  Las  Vegas,  Sybase 
plans  to  preview  its  Data  Integration  Suite, 
which  combines  data  federation,  replication, 
event  handling  and  search  functions  with  com¬ 
mon  development  and  administration  tools. 

The  suite  is  designed  to  help  companies 
make  better  use  of  data  that’s  scattered  across 
numerous  data  stores,  including  application- 
specific  databases,  data  marts  and  enterprise 
data  warehouses.  Forrester  Research  estimates 
that  at  least  35%  of  all  application  data  is  dupli¬ 
cated  somewhere  else  in  the  enterprise.  In 
addition,  data  repositories  for  large  applica¬ 
tions  grow  about  50%  annually,  Forrester  says. 

“People  have  been  struggling  with  how  to 
integrate  these  data  sources  and  move  data 
from  one  place  to  another  so  that  applications 
in  various  places  around  the  organization  can 
leverage  the  information  and  intelligence 
being  gathered,”  says  Kathleen  Schaub,  vice 


president  of  the  IT  and  solutions  group  at 
Sybase. 

The  applications  that  businesses  want  to 
build  today  require  more  than  just  data  that 
has  been  copied  to  a  data  warehouse,  Schaub 
says.  To  build  a  risk  analysis  application,  for 
example,  a  financial  services  firm  might  want 
to  combine  historical  data  from  a  data  ware¬ 
house,  real-time  data  from  operational  systems 
and  data  pulled  from  outside  sources,  such  as 
a  news  feed.’They  need  to  be  able  to  create  an 
application  that  blends  all  these  different 
kinds  of  data,”  Schaub  says. 

Version  1.0  of  the  Data  Integration  Suite, 
which  Sybase  expects  to  make  available  next 
quarter,  will  include  four  software  modules: 

•  Sybase  Replication,  which  copies  data 
from  place  to  place  to  make  sure  applications 
have  access  to  the  most  current  information. 

•  Sybase  Data  Federation,  which  creates  a  vir¬ 
tual  view  of  data  integrated  in  real  time  from 
multiple  distributed  sources. 

•  Sybase  Real  Time  Events,  which  uses  a 
messaging  architecture  to  alert  systems  or  staff 
to  critical  events  logged  in  operational  data¬ 


bases. 

•  Sybase  Search,  for  querying  structured  and 
unstructured  data  sources. 

The  suite  also  includes  common  tools  for 
modeling  and  metadata  management  (Sybase 
FbwerDesigner), application  development  (Sy¬ 
base  Workspace)  and  administration. 

In  a  release  due  in  the  second  half  of  2007, 
Sybase  plans  to  integrate  its  extract,  transform 
and  load  (ETL)  software  for  moving  data  from 
operational  systems  to  a  central  repository 

Sybase,  like  many  other  vendors,  has  been 
making  acquisitions  to  round  out  its  data  inte¬ 
gration  offerings.  In  January  Sybase  acquired 
software  maker  Solonde  for  its  ETL  capabili¬ 
ties.  Last  May  Sybase  acquired  Avaki,  which 
built  data  integration  software  for  running 
scheduled  and  ad  hoc  queries  against  distrib¬ 
uted  data  sources. 

Similarly,  IBM  has  purchased  has  purchased 
specialized  vendors  to  round  out  its  informa¬ 
tion  integration  lineup,  including  Ascential 
Software  —  for  $1.1  billion  —  and  Venetica. 
Other  vendors  with  data  integration  suites 
include  BEA  Systems  and  Oracle.B 


tions  about  some  drawbacks  to 
NAC  suggests  “there  are  inherent 
trade-offs  between  security  and 
convenience,”  he  said. 

Questioning  VoIP  security 

NAC  wasn’t  the  only  technology 
catching  the  harsh  glare  of  criti¬ 
cism  at  last  week’s  event.  Nicolas 
Fischbach,  senior  manager  of  the 
European  Network  Security 
Engineering  Division  at  European 
ISP  Colt  Telecom,  targeted  VoIP  in 
his  Black  Hat  presentation. 

A  major  problem  is  patch  man¬ 
agement  of  VoIP  equipment 
because  most  of  it  is  based  on 
software  running  on  top  of 
Windows,  Linux  or  Solaris.  It  may 
have  to  be  patched  when 
Microsoft,  Red  Hat  or  Sun  issues  a 
security  advisory 

“With  patch  management,  when 
you  want  to  update,  sometimes 
VoIP  vendors  say  things  like  'With 
the  patch,  you  break  the  applica¬ 
tion’  or  ‘If  you  patch  it,  we  won’t 
support  it  anymore,”’  Fischbach 
said.  Vendors  don’t  want  cus¬ 
tomers  to  update  VoIP  equipment 
without  an  authorized  patch  from 
them,  he  said. 

Fischbach  said  the  problem  of 
patch  management  touches  every 
part  of  the  VoIP  industry  with  ven¬ 
dors  having  wildly  different  patch 
strategies.  Without  being  updated, 
VoIP  equipment  can  potentially 
be  vulnerable  to  hacking  or 
worms. 

Vendors  acknowledge  the  patch 
management  issue  is  a  touchy 
one.  Knowing  that  customers  may 
not  be  able  to  quickly  add  an 
approved  patch  to  Cisco  VoIP 
equipment,  some  Cisco  VoIP  gear 
comes  with  behavior-based  intru¬ 
sion-prevention  software.  “We 
want  to  offer  options  for  protec¬ 
tion,”  said  Jeff  Platon,  vice  presi¬ 
dent  of  security  solutions  market¬ 
ing  at  Cisco.  ■ 
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NAC  Buyer's  Guide 

Locate  a  network  access  product  suitable 
for  your  environment.  Check  out  our 
online  Buyer's  Guide. 

www.nwdocfinder.csm/4049 
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AMD 


Smarter  Choice 


Is  every  square  inch  of  your  data  center  occupied  by  space-hogging  servers  of  another  era?  It’s  time  to  pack 
more  power  into  your  data  center  with  systems  based  on  the  Dual-Core  AMD  Opteron™  processor.  They’re 
designed  to  generate  less  heat  in  blade  server  environments,  so  you  can  achieve  higher  server  density  per  rack. 
And  thanks  to  its  Direct  Connect  Architecture  with  HyperTransport™  technology,  the  AMD  Opteron  processor 
provides  more  performance-per-watt  and  CPU  scalability.  In  short,  huge  performance  in  a  smaller  space. 


: -  Competitoi - j 

[*  I*  I*  !* 

in  1 1 1 11  i  1 1 1 1 1 1  ii  1 1 
I  ►  I - AMD - 


AMD  Opteron ™  processors  can  increase  server 
rack  density  by  25%  over  the  competition. 
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Linux  event  shows  move  to  mainstream 


Looking  beyond  Linux 

HP  and  IBM  plan  to  use  next  week's  LinuxWorld  to  continue 

their  efforts  to  support  Linux  and  open  source  applications 

better.  Other  announcements  at  the  show  are  expected  to 

include: 

•  Adaptive  Planning  introducing  Adaptive  Planning  Express  Edition,  open  source 
business  performance  management  software  available  for  free  download  at 
www.sourceforge.net/projects/adaptiveplan. 

•  Cleversafe  kicking  off  its  Linux  File  System  project  to  give  Linux  servers  and 
workstations  access  to  a  free,  secure,  community-built  storage  grid. 

•  Codeweavers  announcing  Crossover  Mac,  which  will  let  Windows  applications  run 
within  Mac  OS  X. 

•  FiveRuns  announcing  the  general  availability  of  its  hosted  Web  2.0  Systems 

Management  software.  _ _ 

•  Open  Country  launching  updated  software  to  let  users  provision  and  manage 

thousands  of  Linux  servers  from  a  single  browser.  _____ 

•  Pentaho  rolling  out  the  first  upgrade  of  its  open  source  business  intelligence 
software. 

•  Scalix  announcing  a  new  version  of  its  e-mail  and  calendaring  server,  which  rivals 
Microsoft  Exchange/Outlook.  The  new  version  allows  for  back-end  server  integration 
with  Web-based  applications  such  as  salesforce  automation  platforms. 

•  SugarCRM  releasing  Sugar  4.5,  the  first  version  of  its  CRM  software  to  support 
Windows  fully. 


BY  JENNIFER  MEARS 
AND  PHILHOCHMUTH 

Fifteen  years  after  the  introduc¬ 
tion  of  the  Linux  kernel,  next 
week’s  LinuxWorld  conference 
will  focus  not  on  whether  to  use 
open  source  software  —  the  mar¬ 
ket  has  answered  that  question  — 
but  on  how  to  deploy  secure  and 
manage  the  technology  as  part  of 
a  business  IT  operation. 

Virtualization,  grid  computing 
and  service-oriented  architecture, 
for  example,  are  key  areas  for  con¬ 
ference  sessions  and  keynote  ad¬ 
dresses.  Managing  open  source  in 
heterogeneous  environments  will 
be  an  important  issue,  as  will 
desktop  Linux  and  mobile  Linux, 
the  latter  an  area  that  has  been 
gaining  steam. 

Show  organizer  IDG  World  Expo, 
a  sister  company  of  Network 
World,  says  it  expects  about 
1 1 ,000  people  to  attend  the  con¬ 


ference  at  the  Moscone  Center  in 
San  Francisco  next  Monday 
through  Thursday  —  about  the 
same  number  that  showed  up  last 
year.  Some  175  exhibitors  are  ex¬ 
pected,  though  there  is  one  not¬ 
able  absence:  Red  Hat. 

Red  Hat  has  decided  that  “other 
methods  of  communication  and 
engagement,  including  seminars, 
Red  Hat  Summit  and  other 
focused  events”  are  more  benefi¬ 
cial  in  reaching  customers  and 
the  Linux  community  according 
to  a  Red  Hat  spokeswoman. 

One  new  twist  for  the  confer¬ 
ence  is  LinuxWorld’s  first  Health¬ 
care  Day,  an  event  sponsored  by 
the  Open  Source  Development 
Lab  (OSDL)  that  aims  to  tap  into 
a  growing  interest  in  open 
source  among  IT  executives  at 
healthcare  organizations.And  an 
invitation-only  CIO  Summit  con¬ 
necting  CIOs  with  peers  who 


have  deployed  open  source 
successfully  reflects  the  move¬ 
ment  of  Linux  away  from  its  geek 
roots  and  into  the  realm  of  busi¬ 
ness-focused  IT  executives. 

“Our  first  version  of  Linux  came 
in  about  four  or  five  years  ago  and 
came  in  under  the  radar,  in  the 
guise  of  being  a  test  box,”  says 
Curtis  Edge,  CIO  at  Boston  news¬ 
paper  The  Christian  Science  Moni¬ 
tor,  which  is  revamping  its  Web 
sites  with  open  source  software. 

“Not  having  Linux  was  limiting 
the  products  we  could  buy/’  he 
says.  “It’s  important  now  to  have 
the  discussion  that  asks  what’s 
good  and  bad  about  [open 
source],  not  just  talk  about  it 
being  great.  I  have  no  issue  with 
weighing  a  proprietary  applica¬ 
tion  and  an  open  source  applica- 
tion.You  want  to  give  open  source 
a  fair  shake.” 

Edge  will  join  Guru  Vasudeva, 
associate  vice  president  and  chief 
architect  at  Nationwide,  and 
Michael  Gallagher,  global  man¬ 
ager  of  enterprise  architecture  at 
ABN  Amro,  on  the  CIO  Summit 
panel  on  Tuesday  Vasudeva  also 
will  deliver  a  keynote  address  on 
Wednesday  detailing  his  compa¬ 
ny’s  use  of  virtualization  and 
Linux  to  create  a  simpler  data 
center  environment  that  is  ex¬ 
pected  to  result  in  more  than 
$15  million  in  savings  during  the 
next  three  years. 

“The  concept  of  user  collabora¬ 
tion  and  community  is  gaining 
more  interest,”  says  Stuart  Cohen, 
CEO  of  OSDL. 

“Open  source  companies  will 
continue  to  focus  on  gaps  in  the 
stack  where  they  can  dominate,” 
he  says.  “What  was  once  the 
domain  of  Oracle  and  SAP  is 
now  up  for  grabs  from  SugarCRM 
and  JasperSoft.” 

David  Cafaro,  a  systems  analyst 
for  the  Advanced  Research  Com¬ 
puting  group  at  Georgetown 
University,  will  lead  a  panel  on 
open  source  and  security  Cafaro, 
who  supports  the  university’s 
Linux  and  open  source  systems 
used  in  computational  research, 
also  is  active  in  developing  Linux 
security  technologies  such  as 
Security  Enhanced  (SE)  Linux 
—  a  set  of  National  Security 
Agency-developed  modifica¬ 
tions  to  the  Linux  kernel  that 
enhance  system  security. 

“It’s  always  a  matter  of  finding  a 


compromise  between  a  system 
that  is  unusable  but  secure,  and  a 
system  that  is  usable  but  only  for 
so  long,  until  someone  breaks  it,” 
Cafaro  says. 

In  the  past,  tools  such  as  SE 
Linux  were  hard  to  use,  but  new 
software  tools  from  companies 
such  as  Tresys,  as  well  as  similar 
products  such  as  Novell’s  App- 
Armor  are  making  it  easier  to 
secure  an  open  source  infrastruc¬ 
ture,  Cafaro  says. 

Besides  keeping  open  source 
systems  safe,  another  issue  on  the 
minds  of  users  is  making  Linux 
play  well  with  others. 

“There’s  no  question  interoper¬ 
ability  has  improved”  among 
open  source  and  proprietary 
server  and  desktop  operating  sys¬ 
tems,  says  Jonathan  Reed,  Linux 
support  and  development  spe¬ 
cialist  at  the  Massachusetts  Insti¬ 
tute  of  Technology  where  he  sup¬ 
ports  thousands  of  faculty  staff 
and  students  on  Linux,  Windows, 
Mac  and  Unix  platforms.  He  cites 
improvements  in  existing  tools, 
such  as  Samba,  which  provides 
Windows  client  support  for  Linux 
servers.  New  tools,  such  as  the 
Evolution  Exchange  Connector, 
which  lets  Linux  desktops  run  on 
Microsoft  Exchange  servers,  is 
another  example. 


Red  Hat’s  decision  to  sit  out  the 
show  comes  after  conference 
organizers  shuttered  the  East 
Coast  LinuxWorld  that  has  been 
held  in  Boston  the  past  two 
years,  deciding  instead  to  focus 
on  its  West  Coast  events  and 
launch  a  new  LinuxWorld 
OpenSolutions  Summit  in  New 
York  next  February 
The  OpenSolutions  Summit 
came  in  response  to  industry  re¬ 
quests  for  a  more  focused  event 
concentrating  on  vertical  markets, 
conference  organizers  say  That  de¬ 
mand  for  more  focus  isn’t  surpris¬ 
ing,  with  open  source  now  touch¬ 
ing  all  aspects  of  IT,  analysts  say 
“LinuxWorld  has  become  in¬ 
creasingly  uninteresting,”  says 
Gordon  Haff,  an  analyst  with 
Illuminata.“It’s  following  a  typical 
path  for  these  types  of  shows. 
What’s  happening  in  this  particu¬ 
lar  case  is  LinuxWorld  has  grown 
to  encompass  all  of  open  source 
and  everything  that  touches  open 
source,  which  is  to  say  just  about 
everything  in  IT  at  this  point.  So 
it’s  kind  of  become  about  every¬ 
thing  and  nothing.And  unfocused 
shows  don’t  survive  indefinitely 
“Smaller,  more  focused  shows 
start  rising  up  and  are  more 
interesting  to  people  than  big 
shows,”  Haff  says.  ■ 


Array  gear  protects 
healthcare  provider 

BY  TIM  GREENE 

Humana  Health  Care  used  to  rely  on  a  mix  of  remote-access  meth¬ 
ods  but  wanted  a  single,  flexible  technology  that  would  reduce  the 
number  of  network  entry  points  for  malicious  activity  As  a  result.it  is 
standardizing  on  SSL  VPNs  for  all  remote  access  —  and  saving 
money  at  the  same  time. 

The  health  provider  in  Louisville,  Ky,  uses  a  pair  of  Array  Networks 
SPX5000s  deployed  in  tandem  to  handle  thousands  of  simultaneous 
connections  as  a  replacement  for  IPSec  VPNs  and  dial-up  Remote 
Access  Services  servers,  which  can  cost  hundreds  of  dollars  per  con¬ 
nection,  says  Chuck  Deaton,  security  manager  for  the  company’s  secu¬ 
rity  infrastructure  architecture  design  team.  By  comparison,  the  Array 
gear  costs  about  $10  per  connection,  he  says. 

Humana  has  about  10,000  users  authorized  to  access  its  network 
remotely, and  it  needed  a  way  to  simplify  access  and  maintain  tight  con¬ 
trol  over  who  gets  into  the  network  and  what  rights  they  have  once 
there,  Deaton  says.  About  2,500  users  are  logged  on  at  any  given  time. 

About  18  months  ago  the  company  started  considering  SSL  VPNs 
to  replace  Cisco  and  Nortel  IPSec  VPN  gear,  Microsoft  Point-to-Point 
Tunneling  Protocol  software  and  dial-up  servers  in  its  network. The 
IPSec  VPN  gear  worked,  but  it  required  installing  and  maintaining 
clients  on  all  machines,  making  it  more  difficult  to  open  the  net¬ 
work  to  business  partners  or  allow  Humana  employees  access  from 
their  own  computers. 

Because  of  limits  on  how  many  users  the  other  access  products  sup¬ 
ported,  these  options  required  multiple  gateways  deployed  in  a 
secure  network  segment  between  firewalls  —  a  DMZ.“Each  one  rep¬ 
resents  an  attack  vector,”  Deaton  says.  “The  more  doorways  and 
avenues  that  you  have  for  data  to  flow,  the  more  costly  it  is  to  maintain 
accountability  and  control  of  that.” 

In  addition, as  the  number  of  devices  grows, so  does  the  cost. 

See  Humana,  page  14 


INFRASTRUCTURE  LOG 


_DAY  15:  Our  network’s  too  complex  to  manage.  We’re 
not  proactive  at  all;  we’re  just  reacting.  Help! 

_Gil  brought  in  a  crystal  ball.  Says  he  can  now  peer 
into  the  future  of  our  infrastructure. 


_DAY  17:  I  see  a  better  way:  IBM  Tivoli  middleware. 
It  gives  us  a  holistic  view  of  the  infrastructure  and 
analyzes  the  relationship  between  apps,  systems  and 
networks.  Fixes  problems  proactively  for  more  uptime 
and  more  storage  availability .  Plus,  it’s  open, 
modular  and  scalable. 


Gil  says  he  saw  all  that  too  but  forgot  to  tell  us 


Better  manage  the  business  of  I.T.  at: 

IBM.COM/TAKEBACKCONTROL/PROACTIVE 


IBM.  the  IBM  logo  and  Tivoli  are  registered  trademarks  ot  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  i£2006  IBM  Corporation.  All  rights  reserved. 
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Vodafone  not  leaving  Verizon  Wireless 


BY  JIM  DUFFY 

Vodafone  is  unlikely  to  part  with  its  minority 
stake  in  Verizon  Wireless,  Verizon 
Chairman  Ivan  Seidenberg  said  in 
an  earnings  conference  call  last 
week. 

Verizon  reportedly  had  offered 
Vodafone  $38  billion  for  its  45% 
stake  in  the  joint  venture.  Verizon 
had  expressed  interest  in  wresting 
control  of  Verizon  Wireless  from 
Vodafone  so  it  could  better  chart 
the  path  to  its  own  growth  in  the 
coming  years. 

Gaining  full  control  over  wireless 
assets  is  a  big  reason  AT&T  is 
acquiring  BellSouth  and  its  40% 
stake  in  Cingular.  AT&T  owns  the  other  60%  of 
Cingular. 

Seidenberg  said  he  had  talks  with  Vodafone 
CEO  Arun  Sarin  recently  however,  and  indi¬ 
cated  that  Sarin  wished  to  retain  Vodafone’s 
stake  in  Verizon  Wireless. 

“What  Arun  communicated  to  us  was  that 


Vodafone  was  extremely  pleased  with  their 
position  in  the  partnership,”  Seidenberg  told 
analysts  during  the  earnings  call. 
“The  operating  agreement  between 
the  two  of  us  is  strong,  is  sustain¬ 
able,  it’s  stood  the  test  of  time  over 
these  five  or  six  years  and  their  view 
is  that  the  creation  of  value  that’s 
available  to  them  over  the  next  sev¬ 
eral  years  is  far  greater  than  any 
strategy  that  they  might  have  to  exit 
the  partnership.” 

Vodafone  says  Verizon  Wireless’ 
effort  to  extend  the  IP  Multimedia 
Subsystem  (IMS)  standards  work  is 
driven  more  by  self-interest  than  in¬ 
dustrywide  benefit.Verizon  Wireless 
and  five  of  its  vendors  last  week  pitched 
Advances  to  IMS  (A-IMS)  to  fill  perceived  gaps 
in  current  IMS  standards  work. 

“The  A-IMS  initiative  is  clearly  a  matter  for 
Verizon  Wireless  and  its  partners  as  it  seeks  to 
bring  about  the  best  solution  for  its  own  net¬ 
work,”  a  Vodafone  spokesman  said  in  an  email 


reply  on  the  A-IMS  initiative. 

“The  A-IMS  paper  includes  a  number  of  mod¬ 
ifications  to  the  current  IMS  logic”  the  spokes¬ 
man  stated.“Some  of  these  modifications  have 
in  essence  already  been  addressed  as  a  work 
plan  for  3GPP  R7  and  R8,  while  others  address 
architectural  requirements  alone  and  are  not 
relevant  to  the  3GPP/GSM  standardization 
effort.  Vodafone  is  continuing  to  assess  which 
aspects  of  the  A-IMS  proposition  could  be  rel¬ 
evant  to  the  3GPP  standard.” 

Verizon  Wireless  has  stated  that  A-IMS  is  tar¬ 
geted  more  specifically  at  the  3GPP2’s  Multi- 
media  Domain  work  for  Code  Division 
Multiple  Access  (CDMA)  than  at  3GPP’s  IMS 
for  GSM,  though  it  says  it  is  relevant  to  both. 
Verizon  Wireless  and  its  five-vendor  task  force 
is  attempting  to  garner  industrywide  support 
for  A-IMS  and  steer  it  through  the  standards 
process. 

Asked  why  Vodafone  did  not  participate  in 
this  task  force,  the  spokesman  stated:  “A-IMS 
has  been  developed  for  the  CDMA  market 
rather  than  the  GSM  market.”  ■ 


Verizon  Chairman 
Ivan  Seidenberg's 
talk  with  Vodafone 
did  not  change  the 
company’s  mind. 


Bus-tech  touts  mainframe  storage  system 

Appliance  provides  alternative  to  automated  tape  libraries  for  recovery,  compliance, 


Mainframe  data  handler 


Bus-Tech’s  Mainframe  Data  Library  is  designed  to  simplify  migration  and  storage  of  data  to 
open  systems  arrays  for  purposes  such  as  disaster  recovery  and  regulatory  compliance. 


BY  DENI  CONNOR 

Bus-Tech  is  rolling  out  a  virtual 
tape  appliance  that  replicates 
mainframe  data  to  disk-based 
storage  systems. 

The  Mainframe  Data  Library 
(MDL),  which  takes  up  less  space 
than  an  automated  tape  library 
and  can  cut  down  on  media  ex¬ 
penditures,  supports  applications 
such  as  regulatory  compliance 
and  disaster  recovery. 

The  appliance,  which  consists 
of  as  many  as  four  bundled  Bus- 
Tech  Mainframe  Appliance  for 
Storage  systems,  connects  to  an 
IBM  zSeries  or  Unisys  2200  main¬ 
frame  via  Enterprise  Systems  Con¬ 
nection  (ESCON)  or  Fibre  Con¬ 
nection  (FICON)  and  to  an  open 
systems  Network  Appliance  Near- 
Store,  EMC  Centera  or  Celerra 
array  via  SCSI,  Fibre  Channel  or 
Gigabit  Ethernet.  Bus-Tech  also 
plans  support  for  Hitachi’s  Hi- 
Command  Content  Archiving 
Platform  and  Sun’s  Compliance 
Archiving  Software. 

Because  it  has  four  to  eight 
FICON  ports  or  four  to  12  ESCON 
ports,  the  MDL  can  boost  the  effi¬ 
ciency  of  data  transfer  and 
migration.  Bus-Tech  says  its  new 
offering  supports  more  than 
400Mbps  throughput.lt  can  emu¬ 
late  as  many  as  1,024  IBM  tape 


IBM  zSeries 
or  Unisys  2200 


drives  and  is  transparent  to 
mainframe  operations. 

The  library  also  features  a  tape 
eject  function  that  provides  for 
the  writing  of  data  from  disk  to 
tape  over  IP  enabling  off-site  stor¬ 
age  for  disaster  recovery 

“The  MDL  provides  an  inex¬ 
pensive  disaster-recovery  solu¬ 
tion  that  allows  data  to  be  trans¬ 
mitted  over  the  IP  network  either 
synchronously  [for  short  dis¬ 
tances]  or  asynchronously  [for 
longer  distances]  without  requir¬ 
ing  additional  equipment  such 
as  channel  extenders,”  says 
Dianne  McAdam,  director  of 
enterprise  information  assur- 


Mainframe  Data  Library 


ance  for  The  Clipper  Group 
research  firm. 

“The  [product]  allows  cus¬ 
tomers  to  take  advantage  of 
snapshot  features  to  test  disaster- 
recovery  capabilities  without 
interfering  with  ongoing  trans¬ 
missions,”  she  adds. 

The  appliance  also  features 
AES-256  software  encryption  of 
the  virtual  drive. 

“Logical  tapes  can  be  en¬ 
crypted,  then  written  to  physical 
tapes  in  encrypted  format,  which 
allows  physical  tapes  to  be  trans¬ 
ported  without  worrying  about 
unencrypted  tapes  being  lost,” 
McAdam  says. 


The  MDL  competes  with  host- 
based  virtual  tape  software 
from  Diligent  and  CA  and 
virtual  tape  libraries  from 
Sun/StorageTek’and  IBM.  Unlike 
the  software-based  systems, 
which  require  mainframe-class 
disk  systems  such  as  the  IBM 
DS8000  or  EMC’s  DMX,  Bus- 
Tech’s  product  uses  less- 
expensive  disk  systems,  such  as 
the  EMC  Centera  and  Celerra. 
Starting  at  $120,000,  it  is  also 
less  expensive  than  the  Sun/- 
StorageTek  Virtual  Storage 
Manager  and  IBM’s  Virtual  Tape 
System,  which  start  at  more 
than  twice  that  price.  ■ 
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.INFRASTRUCTURE  LOG 

_DAY  18:  Everything  is  frozen.  It’s  our  processes. 
They’re  inflexible.  We  can’t  respond  to  change. 


I 

-f 


/ 


_Why  did  we  lock  ourselves  in  like  this?  Brrrr. 

_DAY  19:  A  way  out.  IBM  WebSphere  middleware  for 
Business  Process  Management.  It  lets  us  streamline 
business  tasks.  We  can  test  our  processes  before  we 
roll  them  out  and  monitor  performance  once  they’re 
deployed,  and  reuse  is  easy  because  it’s  based  on  a 
service  oriented  architecture. 


.Everything  s  unfrozen  now.  Wow,  it  s  good  to  feel 
my  toes  again. 


t n1''  <  • 

Lx. 

WebSphere 


Take  the  BPM  with  SOA  Assessment  at: 

IBM.COM/TAKEBACKCONTROL/PROCESS 
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Licensing 

continued  from  page  1 

Bentley  Architecture." 

While  Bentley  operates  in  a 
niche  market,  its  efforts  to  keep 
customers  happy  reflect  a  chal¬ 
lenge  all  software  makers  face: 
customer  retention.  In  particular, 
software  makers  with  traditional 
licensing  models  are  trying  to 
compete  with  vendors  that 
offer  lower  start-up  costs  via 
open  source  products  or  hosted 
options, says  Joshua  Greenbaum, 
a  principal  at  Enterprise  Ap¬ 
plications  Consulting. 

“On-demand  and  open  source 
have  had  the  combined  effect  of 
disrupting  a  lot  of  traditional 
licensing  models  and,  therefore,  a 
lot  of  traditional  revenue  models,” 
Greenbaum  says.  “When  there’s  a 
potentially  disruptive  player 
involved,  customer  retention 
becomes  even  more  critical.” 

But  despite  the  increased  com¬ 
petition,  most  packaged  software 
makers  aren’t  making  conces¬ 
sions  in  favor  of  customers. 

“Things  are  still  very  much 
geared  toward  the  vendor]’  says 
Ray  Wang,  a  principal  analyst  at 
Forrester  Research.  “Once  you 
lock  in,  after  the  initial  purchase, 
everything  is  kind  of  stacked 
against  you.  You’ve  made  this 
major  investment,  and  if  you  want 
to  switch  off  the  software,  the 
switching  costs  are  very  high.” 

For  example,  most  software 
vendors  make  it  difficult  for 
companies  to  stop  paying  main¬ 
tenance  and  support  fees  on 
licenses  they  aren’t  using.  “A  lot 
of  vendors  require  a  renegotia¬ 
tion  of  a  license  if  you  want  to 
downgrade  the  number  of 
users,”  Greenbaum  says. 

Bentley’s  license  exchange  pro¬ 
gram  is  an  exception,  Wang  says. 
“It’s  definitely  unique, it’s  definitely 
very  innovative,”  he  says. 

While  Bentley  may  be  leaving 
money  on  the  table  by  letting  cus¬ 
tomers  acquire  new  products 
through  trade-ins  rather  than  pur¬ 
chasing  new  licenses,  in  the  big 
picture  the  vendor  could  come 
out  ahead. 

“License  revenue  is  important, 
but  maintenance  revenue  is  often 
tile  real  cash  cowf  Greenbaum 
says.  “It’s  cheaper  to  a  certain 
extent  to  send  [customers]  an¬ 
other  DVD  and  keep  them  paying 
15%  or  18%  maintenance  than  it  is 
to  let  them  to  walk  out  the  door." 

Plus,  the  exchange  program 
sends  a  user-friendly  message  to 


The  state  of  shelfware 

Companies  are  getting  better  at  reducing  shelfware  but  some 
amount  of  unused  software  is  still  the  norm,  according  to  a 
Forrester  Research  survey  of  242  companies  with  more  than 
1,000  employees. 


Software 

Licenses  unused 

Desktop  productivity 

6°/oto7% 

Packaged  applications 

5%  to  7% 

Web  applications 

2%  to  6% 

Platform  software/middleware 

3%  to  4°/o 

Infrastructure 

3%  to  4% 

Network 

3°/oto4°/0 

Security 

3% 

Backup 

2% 

customers, Wang  says.’if  you  share 
everything  you  have  in  your  port¬ 
folio  of  licenses,  you  really  give 
customers  the  impression  that 
you’re  there  to  help,  to  partner 
with  them,”  he  says.  “It’s  much 
more  of  a  long-term  play,  whereas 


a  lot  of  other  vendors  are  thinking 
short-term,  quarter  to  quarter’’ 
Bentley  also  offers  concurrent 
licensing  options  that  let  compa¬ 
nies  pool  the  available  licenses  for 
use  by  all  employees.  The  pooled 
licensing  model  is  very  attractive, 


Thomas  says.  “We  can  load  the 
software  onto  every  machine  in 
the  organization,  and  people  get  a 
license  when  they  need  it,”  he  says. 
It’s  much  easier  to  make  a  busi¬ 
ness  case  for  purchasing  20  li¬ 
censes  of  software  that  50  people 
will  be  able  to  share  than  it  is  to 
find  funds  for  50  licenses  of  soft¬ 
ware  that  most  users  only  need  to 
access  occasionally  he  adds. 

More  packaged  software  makers 
used  to  offer  pooled  licensing,  but 
most  have  moved  away  from  that 
and  require  companies  to  get  a 
license  for  every  named  user, 
Wang  says.  One  exception  is 
Microsoft,  which  still  offers  a  con¬ 
current  usage  license  for  its 
Dynamics  (formerly  Great  Plains) 
business  software.  “Everyone  else 
has  gone  to  named  user;’  he  says. 

Wang  expects  that  as  software 
as-a-service  models  gain  greater 
traction,  more  vendors  will  exper¬ 
iment  with  licensing  flexibility 

“With  softwareas-a-service  and 
different  hosting  options,  there  are 
all  these  ways  to  reduce  the  cost 


of  ownership  as  well  as  the  cost  of 
the  licenses,”  Wang  says,  adding 
that  while  vendors  such  as  SAP 
and  Oracle  have  a  tight  hold  on 
the  largest  enterprises,  there  are 
no  clear  leaders  in  the  mid¬ 
market.  “Right  now  it’s  still  a  land 
grab  for  the  mid-market,”  he  says. 

But  neither  Wang  nor  Green¬ 
baum  expects  sweeping  licens¬ 
ing  changes  overnight.  Business 
software  makers  have  been 
adding  on-demand  products  to 
their  portfolios  to  keep  up  with 
the  competition,  but  few  have 
done  any  serious  rejiggering  of 
traditional  licensing  models, 
Greenbaum  says. 

Wang  suggests  companies  care¬ 
fully  negotiate  contracts  to  limit 
the  chance  of  paying  mainte¬ 
nance  on  unused  software.  For 
example,  a  company  with  plans  to 
purchase  1,000  licenses  could 
make  arrangements  to  begin  pay¬ 
ing  for  maintenance  on  100 
licenses  in  the  first  year,  500  in  the 
second  year  and  400  licenses  in 
the  third  year.B 


Humana 

continued  from  page  10 

“If  we  could  minimize  the  num¬ 
ber  of  different  things  we  have  to 
measure  and  monitor  and  buy 
technologies  for,  then  it  becomes 
a  more  economical  approach  to 
security’  he  says." 

Humana  tested  Array  gear  as 
well  as  SSL  VPN  products  from 
Aventail,  Citrix,  F5  Networks, 
Juniper  and  NetScaler  (since 
bought  by  Citrix).  The  company 
chose  Array  for  its  range  of  fea¬ 
tures  —  SSL  VPN,  encryption 
acceleration,  TCP  multiplexing, 
compression,  load  balancing  — 
and  because  each  SPX5000 
accommodates  64,000  concur¬ 
rent  users,  according  to  a  test  by 
Tolly  Group. 

The  Humana  SSL  VPN  is  set  up 
so  that  remote  users  go  to  a  URL, 
and  their  machine  is  probed  for 
whether  it’s  a  Humana  machine. 
If  it  is,  it’s  scanned  by  Symantec 
endpoint-checking  software  to 
see  whether  its  configuration 
meets  corporate  security  policy 
Only  after  their  machines  pass 
that  test  are  users  asked  to  authen¬ 
ticate,  Deaton  says.  “This  avoids 
brute-force  attacks  and  password 
guessing,”  he  says. 

Users’  logons  are  matched 
against  Lightweight  Directory 
Access  Protocol  or  Active 
Directory  data  stores  to  find  out 


Array  SSL  VPN  works  for  Humana 

Centralizing  remote  access  through  Array  Networks  SSL  VPN  gateways  helps  healthcare 
provider  Humana  run  remote  access  more  efficiently  and  with  tighter  controls. 


Q  Business 
partner 

Humana  worker 
on  Humana  PC 

Humana  worker 
on  worker’s  PC 
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Switch 


Servers 


□  Pre-logon  screening  and  authentication  divide  users  into  groups  assigned  different  access  rights. 

BA  pair  of  Array  SSL  VPN  gateways  load  balances,  TCP  multiplexes,  and  compresses  traffic  to  handle  server  requests  and 
responses  more  efficiently. 

H  The  Array  gear  helps  Humana  slow  the  growth  in  the  number  of  servers  needed  to  meet  increasing  demand  from  remote  users. 


what  user  group  they  belong  to 
and  what  access  rights  they’ve 
been  assigned.  To  alter  an  indi¬ 
vidual's  rights,  an  administrator 
changes  the  group  that  person 
belongs  to  in  the  directory, 
Deaton  says.  The  business 
doesn’t  have  to  maintain  a  sepa¬ 
rate  user  data  store  just  for 
remote  access. 

Trusted  employees  on  trusted 
machines  get  Layer  3  access  — 
like  an  IPSec  connection  —  that  is 
as  close  to  LAN  access  as  possi¬ 
ble,  Deaton  says.  For  less-trusted 
users  and  machines,  the  same  SSL 
VPN  gear  grants  limited  access 
via  Web  proxy 


“We  use  SSL  as  an  IPSec 
replacement,”  he  says,  helping 
his  consolidation  move.  “We’re 
adding  users  every  day  to  [the 
SSL]  gateway  and  finding  ways 
to  take  those  same  users’  access 
away  from  other,  more  tradi¬ 
tional  paths.” 

An  additional  benefit  of  the  SSL 
VPN  came  up  during  hurricanes 
Rita  and  Katrina  last  year,  when 
employees  unable  to  get  to 
Humana  offices  accessed  the 
VPN  via  their  own  computers 
and  were  able  to  do  work, 
Deaton  says. 

Because  the  Array  gateways 
make  communications  with 


servers  more  efficient  via  TCP 
multiplexing  and  load  balancing, 
they  have  slowed  growth  in  the 
number  of  servers  Humana 
needs. 

In  the  long  term,  Humana  is  try¬ 
ing  to  establish  the  SSL  VPN  gear 
as  the  central  gateway  for  remote 
access,  behind  which  the  com¬ 
pany  can  deploy  other  security 
technologies  such  as  intrusion- 
detection  and  -prevention  plat¬ 
forms,  firewalls,  traffic  loggers  and 
router  protections.  Operationally, 
using  a  single  access  technology 
requires  fewer  employees,  help¬ 
ing  to  keep  expenses  down. He 
would  not  say  how  much.B 
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_DAY  12:  No  one  can  get  real-time  answers.  No  one  can 
collaborate.  Unmanaged  public  IM  is  a  security  nightmare. 

_Gil  brought  in  a  “collaboration  accelerator . ”  I 
said  it  looks  like  a  cannon.  He  said  I  had  a  small  mind. 

_DAY  14:  The  answer:  IBM  Lotus®  Sametime®  7.5.  It’s 
not  just  IM  and  Web  conferencing,  it’s  an  affordable 
platform  for  running  the  business  in  real  time.  It’s 
encrypted.  Has  tons  of  features  like  VoIP  and  location 
awareness.  And  it  works  seamlessly  with  leading  public 
IM  networks.  Everyone  has  real-time  answers  now. 

_We’ve  even  recovered  most  of  our  employees. 
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Midwest 

continued  from  page  1 

away!’  says  Lance  Healy,  Banyan 
co-founder  and  vice  president.“A 
lot  of  people  make  sarcastic 
comments  that  we’re  located  in  a 
real  tech  Mecca.  We  usually  don’t 
lead  our  sales  pitches  with  that.” 

Banyan  is  one  of  six  network 
start-ups  located  in  Ohio  to  have 
received  venture  funds  in  2006.  In 
the  12  states  that  comprise  the 
Midwest,  only  25  network  start¬ 
ups  have  signed  venture  deals 
this  year. That’s  just  3%  of  822  net¬ 
work-oriented  venture  capital 
deals  closed  nationwide  in  2006. 

In  contrast,  the  top  three  states 
for  network-oriented  venture 
capital  activity  —  California, 
Massachusetts  and  Texas  —  rep¬ 
resent  64%  of  the  deals  closed  in 
2006.  California  alone,  with  371 
deals,  is  home  to  45%  of  the  net¬ 
work  start-ups  funded  this  year. 

“As  far  as  venture-backed  com¬ 
panies  are  concerned,  the 
Midwest  is  lagging  [behind]  the 
rest  of  the  nation,”  says  Tracy 
Lefteroff,  global  managing  part¬ 
ner  of  the  venture  capital  prac¬ 
tice  at  PricewaterhouseCoopers. 
“They  have  the  research  institu- 
tions.They  don’t  have  the  ven¬ 
ture  capital  and  the  experienced 
entrepreneurs  to  build  those 
companies.” 

The  statistics  above  are  from 
the  quarterly  “MoneyTree 
Report”  by  Pricewaterhouse¬ 
Coopers  and  the  National 
Venture  Capital  Association. 
Network  World  receives  a  special 
cut  of  the  report’s  data  (supplied 
by  Thomson  Financial)  that  is 
focused  on  the  network  industry 
(Find  out  more  details  on  the 
survey  at 

www.nwdocfinder.com/4652. 

Midwestern  venture  deals  are 
smaller  than  those  on  either 
coast,  according  to  the  latest 
MoneyTree  data.The  total 
amount  of  venture  funding 
pumped  into  network  start-ups 
in  the  Midwest  this  year  is  $91 
million,  a  mere  1.5%  of  the  $5.8 
billion  invested  nationwide. 

California,  Massachusetts  and 
Texas  account  for  $4  billion,  or 
70%,  of  the  venture  funding 
received  by  network  start-ups 
this  year.  Would-be  Ciscos  and 
Googles  located  in  California 
attracted  $3  billion  this  year,  or 
52%  of  the  funding. 

'ITie  average  deal  size  in  the 
Midwest  was  $3.7  million,  com¬ 
pared  with  $7.7  million  for  the 


VG  funds  received 
by  Midwestern 
network  start-ups 
in  2006 


Number  Funding  (in 
State  of  deals  millions) 


Illinois  8 

S44 

Indiana  2 

$2 

Iowa  0 

SO 

Kansas  0 

SO 

Michigan  2 

N/A 

Minnesota  4 

S32 

Missouri  1 

N/A 

Nebraska  1 

S3 

North  Dakota  0 

SO 

Ohio  6 

S3 

South  Dakota  0 

SO 

Wisconsin  1 

S7 

Total  25 

i  $91 

Top  states  for  VC 
funding  in  network 
start-ups  in  2006. 

Number  Funding  (in 
State  of  deals  millions) 


California 

371 

S2.996 

Mass. 

106 

S685 

Texas 

45 

$335 

Total 

522 

$4,016 

SOURCE:  MONEYTREE  REPORT  BY 
PRICEWATERHOUSECOOPERS  ANDTHE 
NATIONAL  VENTURE  CAPITAL 

ASSOCIATION 

leading  states. 

“It’s  hard  to  attract  venture  capi¬ 
tal  funds  to  come  to  the  Midwest 
to  oversee  small  deals,” says 
Steven  Humke,  partner  with  the 
private  equity  and  venture  ser¬ 
vices  group  at  Ice  Miller,  an 
Indianapolis  law  firm.  Indiana  has 
closed  two  Web-related  venture 
deals  this  year,  representing  $2.3 
million.“It’s  also  the  culture  of  the 
market  here,”  he  says. 
“Entrepreneurs  would  rather  raise 
the  money  themselves  and  not 
have  the  dilution  of  [ownership] 
they  have  in  dealing  with  VCs.” 

Missing  in  middle  America 

The  Midwest  doesn’t  lack  tech¬ 
nical  talent.  Plenty  of  computer 
science  and  network  engineer¬ 
ing  majors  graduate  from  top 
schools,  including  Purdue  Uni¬ 
versity,  the  University  of  Illinois  at 
Champaign-Urbana  and  the  Uni¬ 
versity  of  Michigan-Ann  Arbor. 

“We  have  very  strong  universi¬ 


ties  here,”  says  David  Hofer,  CMO 
of  Plexus  Online,  a  manufactur¬ 
ing  software  company  in  Auburn 
Hills, Mich., about  40  minutes 
north  of  Detroit.  Most  of  the  100 
employees  at  Plexus  are  from 
the  region. “People  forget  that  the 
automotive  industry  in  this  town 
is  very  technologically  adept,  so 
we  have  deep  talent  resources,” 
Hofer  says. 

Still,  Hofer  admits,  Plexus  is  a 
rarity“There  are  not  a  lot  of  soft¬ 
ware  companies  doing  develop¬ 
ment  work  in  Michigan.  We’re 
certainly  an  anomaly/’  he  says. 

Experts  say  what’s  missing  in 
the  Midwest  is  the  entrepreneur¬ 
ial  culture  found  in  high-tech 
centers  such  as  Austin,  Boston 
and  San  Jose.  Cities  such  as 
Chicago,  Columbus,  Detroit  and 
Indianapolis  don’t  have  enough 
experienced  entrepreneurs  and 
can’t  attract  them  from  outside 
the  region. 

“The  first  thing  a  venture  firm 
will  do  if  it  is  investing  in  a 
Midwest  start-up  is  to  move  the 
company/’  Pricewaterhouse¬ 
Coopers’  Lefteroff  says.“You  can’t 
recruit  out  there,  so  it’s  hard  to 
build  these  companies. ...  If 
you’re  an  entrepreneur  or  a  sci¬ 
entist  and  you  get  recruited  into 
a  market  like  Indianapolis  and 
the  start-up  doesn’t  work,  there 
are  no  other  job  opportunities 
out  there.  In  the  Bay  Area,  there 
are  more  job  opportunities  than 
people  to  fill  them.” 

“The  money  is  key/’ Lefteroff 
says.“Nothing  happens  without 
the  money’ 

A  dearth  of  venture  funding  is 
what  prompted  Paul  Batcheller 
—  previously  on  the  staff  of  for¬ 
mer  U.S.Sen.Tom  Daschle  —  to 
form  PrairieGold  Venture  Part¬ 
ners  in  2004  in  Sioux  Falls,  S.D. 
PrairieGold  focuses  on  regional 
investments  of  less  than  $2  mil¬ 
lion. 

“We  do  sense  some  bias” 
against  Midwestern  start-ups  in 
the  big  venture  firms,  Batcheller 
admits.’As  we’ve  started  talking 
to  some  West  Coast  firms  for  fol¬ 
low-on  investment,  the  bar  is 
higher  because  of  our  location.” 

PrairieGold  has  made  four 
investments,  including  Game 
Plan  Technologies,  an  Omaha, 
Neb., start-up  selling  digital 
video  technology  for  the  sports 
industry.  Game  Plan  raised  $2.5 
million  in  April  from  PrairieGold 
and  Adena  Ventures  of  Athens, 
Ohio  and  Mountaineer  Capital 
of  Charleston, WVa. 


Batcheller  sees  a  lot  of  advan¬ 
tages  to  being  in  the  Midwest  for 
start-ups  like  Game  Plan. 

“Life  here  tends  to  be  a  little 
easier]’ he  says.“For  a  focused 
entrepreneur,  who  doesn’t  want 
to  deal  with  traffic,  high  competi¬ 
tion  for  talent  and  expensive 
cost  structures,  there  are  a  lot  of 
advantages  of  doing  business  in 
the  Midwest.  Companies  tend  to 
be  more  focused.  Employees 
tend  to  be  more  loyal.” 

Venture  capital  firms  bring 
more  than  money  to  start-ups: 
They  bring  experience  and  IT 
industry  contracts  that  can  help 
foster  partnerships  and  early 
customers. 

Beyond  the  garage 

When  they  first  get  funding, 

“A  lot  of  people 
make  sarcastic 
remarks  that 
we’re  located  in  a 
real  tech  Mecca.” 

Lance  Healy,  co-founder,  Banyan 

Midwestern  start-ups  usually  are 
more  mature  — they  have  cus¬ 
tomers  and  they’re  shipping 
products  —  than  start-ups  on 
the  coasts. 

Plexus  was  1 1  years  old  and 
had  350  customers  before  it 
received  its  first  round  of  financ¬ 
ing  in  June  from  Apax  Partners,  a 
New  York  private  equity  firm.The 
amount  of  financing  is  undis¬ 
closed. 

“We  viewed  this  as  a  way  to 
augment  our  sales  and  market¬ 
ing  effort,”  Hofer  says.“The  invest¬ 
ment  wasn’t  put  into  product 
development.  Apax  took  a  mi¬ 
nority  stake.” 

The  additional  cash  is  helping 
the  company  grow.  It  already  has 
generated  $19.5  million  in  rev¬ 
enue  this  year,  compared  with 
$14.2  million  in  revenue  for  all 
of  2005. 

“We  weren’t  out  looking  for 
financing,”  Hofer  says.They 
came  to  us  because  they  were 
very  intrigued  with  our  business 
model. They  saw  the  frustration 
manufacturers  were  having 
migrating  to  new  systems  and 
trying  to  manage  their  IT  depart- 
ments.They  saw  how  our  soft- 
ware-as-a-service  application 
freed  up  their  manufacturing 
clients.” 

That’s  why  Midwestern  start-ups 
also  have  the  reputation  of  having 


more  substance  than  style.  Jeff 
Mills,  vice  president  of  channel 
development  for  business- 
process-management  software 
start-up  Bluespring  Software  in 
Cincinnati, says  when  he  worked 
in  Silicon  Valley  too  many  start¬ 
ups  announced  products,  cus¬ 
tomers  and  partnerships  prema¬ 
turely 

“We’re  much  more  grounded 
here  in  the  Midwest,”  he  says. 
“The  venture  capital  community 
is  tougher  on  us  from  the  stand¬ 
point  of  due  diligence  vs.  more 
faith  on  the  coasts.  The  advan¬ 
tage  is  that  we’re  selling  less 
vaporware  here.” 

An  unexpected  problem  for 
Midwestern  start-ups  is  that 
potential  customers  in  the 
region  are  often  risk  averse. 
That’s  what  happened  to  Ban¬ 
yan,  which  couldn’t  attract  local 
customers  until  it  already  had 
customers  on  the  East  Coast. 

“We  have  customers  in  Maine, 
Vermont,  New  Hampshire  and 
Connecticut.  More  than  80%  of 
our  business  is  in  New  England,” 
Banyan’s  Healy  says. “We  couldn’t 
get  any  penetration  in  our  own 
backyard  until  we  had  customers 
on  the  East  Coast.  Potential  cus¬ 
tomers  here  were  kind  of  fatalis¬ 
tic:  How  good  can  the  software 
be  if  it’s  made  here?” 

Healy  says  the  situation  was 
ironic,  because  to  New  England 
manufacturers,  Banyan’s  Ohio 
location  was  a  plus.“In  New 
England,  Cleveland  is  consid¬ 
ered  warehousing-central,”  he 
says.“Being  from  Northeast  Ohio 
helped  qualify  us.” 

All  in  all,  being  a  high-tech 
entrepreneur  in  the  Midwest  is 
akin  to  being  a  fish  out  of  water. 
“The  attitude  around  innovation 
isn’t  here,”  says  Rob  Daly,  presi¬ 
dent  and  CEO  of  Bluespring. 
“The  Midwestern  attitude  is  to 
respect  [money]  that’s  been  sit¬ 
ting  around  for  a  long  time.  It’s 
respecting  someone  else’s  entre¬ 
preneurial  instincts  rather  than 
the  people  trying  to  take  new 
ventures  out  of  the  ground.”® 


Got  great  ideas? 


■  Got  a  suggestion  for  a  Wider  Net 
story?  An  offbeat  network  industry- 
related  topic?  A  fascinating  person¬ 
ality  we  should  profile?  Contact 
Bob  Brown  with  your  ideas  at 
bbrown(a)nww.coni. 


Let  Internet  Security  Systems  stop 

network  threats  before  they  impact  your  business 


How  do  you  ensure  compliance  and  manage  costs  when  your  security  is  less  than  certain?  Even  "zero-day"  solutions  aren't  fast  enough  to 
protect  against  losses  once  an  Internet  attack  hits.  The  alternative  is  preemptive  security  from  Internet  Security  Systems.  Because  our  enterprise 
solutions  are  based  on  the  world's  most  advanced  vulnerability  research,  only  ISS  can  can  offer  preemptive  security  and  stop  threats  More  they 
impact  your  business.  So  why  rely  on  "reaction"  when  security  can  be  a  sure  thing? 


Need  proof?  Get  a  free  whitepaper,  Preemptive  Security:  Changing  the  Rules,  at  www.iss.net/proof  or  call  800-776-2362. 
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Introducing  the  industry’s  highest  performance  Ethernet 
switch  family  ready  to  deliver  wire-speed  non-blocking 
performance  to  1.14  billion  packets  per  second  (or  up  to 
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switching  and  routing  solution  in  the  industry  and  is  built  on  a 
distributed  and  redundant  switch  architecture  that  ships  ready  to 
support  100  Gigabit  Ethernet.  Featuring  support  for  scalable 
Ethernet  switching,  IPv4/IPv6  routing,  consistent  low  latency 
for  all  packet  sizes  and  advanced  quality  of  service  design,  the 
Biglron  RX  Series  meets  and  exceeds  the  needs  of  a  wide  range 
of  environments  including  Enterprise  LAN,  HPC,  MANS,  and 
next  generation  data  centers. 

Find  out  more  about  the  BigIron  RX  Series  and  how 

YOU  CAN  REDEFINE  PERFORMANCE  AND  RELIABILITY  IN  YOUR 
NETWORK.  LOG  ON  TO  WWW.FOUNDRYNET.COM/BlGlRONRX. 


■  b  e  c  o 

-  e  c  c  ts 

I  c  o  a  c 

1  c  c  o  c 


'fill  ilij 


BlGlRON  RX-  1  6 


BlGlRON  RX-4 


I  NETW0R& 

Las  Vegas  2005 


ajf 


FOUNDRY 

NETWORKS 

The  Power  of  Performance  n 


For  more  information  please  call:  us/canada  i  BBS  turbolan, 
INTERNATIONAL  +1  408.586. 1  700  OR  VISIT  OUR  WEBSITE  AT  WWW.FOUNDRYNET.COM 


Foundry  Networks,  Inc.  is  a  leading  provider  of  high-performance  Enterprise  and  Service  Provider  switching,  routing  and  Web  traffic  management  solutions  including  Layer  2/3  LAN  switches, 
Layer  3  Backbone  switches,  Layer  4-7  Web  switches,  wireless  LAN  and  access  points,  access  routers  and  Metro  routers.  Foundry’s  8,500  customers  include  the  world’s  premier  ISPs,  metro  service 
providers,  and  enterprises  including  e-commerce  sites,  universities,  entertainment,  health  and  wellness,  government,  financial,  and  manufacturing  companies. 

£-  2005  Foundry  Networks®  ,  the  Foundry  logo.  The  Power  of  Performance™,  Foundry™,  and  Biglron®  RX  Series  are  trademarks  of  2005  Foundry  Networks,  Inc. 

All  Rights  Reserved.  All  other  marks  are  trademarks  of  their  respective  owners. 


8.7.06  •  www.networkworld.com  •  19 


NET  INFRASTRUCTURE 

■  SECURITY  ■  SWITCHING  ■  ROUTING  «VPNS  ■  BANDWIDTH  MANAGEMENT  ■VOIP  IS  WIRELESS  LANS 

Making  corporate  security  second  nature 

It’s  more  about  reducing  risk  in  everyday  practices  than  fighting  threats. 


BY  DENISE  DUBIE 

Second  in  a  four-part  series  on  the  tough¬ 
est  security  issues  affecting  the  enterprise. 

Enterprise  security  executives  need  to 
make  practices  such  as  safe  USB  use  and 
discreet  handling  of  patient  or  customer 
data  as  commonplace  as  not  accepting 
luggage  from  strangers  in  airports  or  wear¬ 
ing  a  seat  belt  when  driving. 

But  they  can’t  do  it  alone;  it  takes  an 
entire  organization  to  secure  corporate 
assets,  protect  data  from  breaches  and 
make  sure  enterprisewide  risk  remains  low 

“Security  is  everyone’s  responsibility” 
says  John  Kirkwood,  vice  president  of  In¬ 
formation  Security  Strategy  at  American 
Express,  who  spoke  recently  at  a  Boston 
seminar  hosted  by  risk-management  com¬ 
pany  Consul.  Kirkwood,  formerly  chief  in¬ 
formation  security  officer  at  the  financial 
services  giant,  says  his  role  has  evolved 


Short  Takes 


■  SMC  Networks  last  week 
launched  its  24-port  EZ  Switch 
SMCGS24-Smart  Ethernet  switch, 
with  lO/IOO/IOOOMbps,  or  triple-speed 
Ethernet  supported  on  all  ports  in  the 
box.  The  device  includes  four  addition¬ 
al  built-in  copper  and  fiber  Gigabit 
Ethernet  uplink  ports,  which  can  be 
configured  to  run  as  all-fiber,  all-cop¬ 
per  or  a  mix  of  the  two  cabling  types. 
Only  four  uplink  ports  can  be  active 
at  once.  The  box  costs  $400,  which  is 
around  $14  per  Gigabit  Ethernet  port. 

■  Asante  last  week  began  offering 
new  24-  and  48-port  switches  — 
IC3624  and  3648  —  each  with  dual 
small  form-factor  pluggable  uplinks 
ports,  which  can  be  fitted  with  fiber 
or  copper  port  physical  interface 
modules.  The  box  supports  basic  QoS 
and  management  technologies, 
including  802.1  p  traffic  prioritization. 
Pricing  for  these  switches  won’t  be 
released  until  the  first  quarter  of 
2007,  when  the  devices  are  available. 


THE 

SECURITY 

STANDARD ' 

from  security  policy  maker  to  enterprise 
risk-management  evangelist.  “Security  has 
gone  from  being  a  server  room  concern  to 
a  boardroom  type  of  issue,”  he  says. 

Part  of  the  reason  companies  need  to  re¬ 
program  IT  organizations,  business  man¬ 
agers  and  employees  to  approach  security 
as  a  way  of  life  is  that  so  many  breaches  are 
the  result  of  insider  mistakes.  According  to 
the  2005  Computer  Security  Institute/FBI 
survey  the  number  of  security  events  origi¬ 
nating  within  an  organization  is  equal  to 
those  propagated  by  external  sources. 
Privileged  users,  who  have  more  access 
than  typical  users,  perpetrate  43.5%  of  those 
inside  security  events. 

“Security  has  evolved  beyond  a  central¬ 
ized  team,  and  it  has  evolved  beyond  net¬ 
works, systems,  applications  and  databases,” 
says  Paul  Stamp, a  senior  analyst  at  Forrester 
Research.“Security  can  no  longer  exist  in  its 
stand-alone,  enforcer  function.  It  must  exist 
as  part  of  what  everyone  does,  and  it  has  to 
be  created  using  a  two-way  flow  of  infor¬ 
mation  between  policy  makers  and  busi¬ 
ness  users.” 

Such  issues  will  be  topics  of  discussion  at 
next  month’s  inaugural  Security  Standard 
event  in  Boston  (see  graphic). 

Business  unit  unity 

To  establish  a  security  culture  within  a 
company,  a  logical  first  step  is  for  security 
managers  to  work  with  other  IT  depart¬ 
ments,  as  well  as  business  managers  from 
human  resources  and  legal,  and  then 
spread  the  word  through  awareness  and 
training  programs  to  the  entire  corporate 
population.  The  responsibility  for  security 
moves  from  a  technical,  protection  role  to 
one  that  could  be  seen  as  enabling  the 
business  to  function  more  efficiently  and 
with  less  worry,  industry  watchers  say 

“Many  business  units  can  be  hesitant  to 
bring  in  security,  because  in  the  past  it  has 
required  them  to  do  more  work  for  addi¬ 
tional  costs  and  really  impeded  how  they 
operated  (says  Khalid  Kark.a  senior  analyst 
with  Forrester  Research.“Security  advocates 
have  to  educate  the  organization  to  incor¬ 


porate  security  from  the  beginning  of  every 
project  that  comes  along,  because  it  is 
much  more  costly  to  retrofit.” 

Kark  says  security  policymakers  must 
build  or  adapt  security  practices  around 
how  business  units  actually  use  systems 
and  applications,  rather  than  forcing  a 
process  or  policy  onto  them. 

“If  you  don’t  talk  to  application  users,  you 
are  going  to  build  policies  that  will  be  bro¬ 
ken  right  out  of  the  box,” says  Cory  Elliot,  IT 
director  at  Basic  Energy  Services  in  Mid¬ 
land,  Texas.  Elliot  is  working  with  the  chief 
financial  officer  of  the  oil  and  gas  well  ser¬ 
vices  company  to  assess  the  entire  compa¬ 
ny  structure,  establish  a  security  framework 
and  fill  gaps  in  security  policies.  He  says  he 
realized  early  that  without  upper  manage¬ 
ment  support  and  user  buy-in  the  security 
practice  project  would  be  dead  in  the 
water. 

“It’s  not  going  to  matter  what  kind  of  poli¬ 
cy  I  build  if  I  can’t  educate  the  users  —  in 
layman’s  terms  —  about  what  it  means  to 
them  and  why  they  should  do  it,"  Elliot  says. 
“If  1  can  explain  how  them  shutting  down 
every  night  or  using  certain  log-in  process¬ 
es  helps  the  business  and  how  it’s  not  just 
about  making  their  jobs  more  difficult,  I  can 
make  policies  part  of  the  way  they  do 
things.” 

Such  thinking  is  critical  to  success,  says 
Brad  Johnson,  vice  president  of  consulting 
at  SystemExperts,  a  consultancy  specializ¬ 
ing  in  network  security  He  says  there  are 
elements  of  people’s  jobs  that  can  change 
to  support  security  measures  and  others 
that  cannot,  depending  on  the  organiza- 

The  skinny  on 
The  Security  Standard 

What:  This  new  IDG  Executive 
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nology  experts  and 
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surrounding  information 
_  security.  _ 

When:  Sept.  6  and  7 
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tion,  and  security  policy  makers  need  to 
find  the  balance  between  best  practices 
and  pragmatic  workflows. 

“Successful  security  measures  originate 
as  a  business  concept  from  the  top  that  per¬ 
meates  down  into  how  people  can  change 
the  way  they  work  to  better  enhance  data 
privacy  and  resource  protection,”  Johnson 
says.“It  can’t  be  about  the  security  manager 
acting  as  police  officer,  but  rather  as  an  ad¬ 
vocate  for  a  consistent  security  posture 
across  departments,  which  could  be 
argued  enables  faster  application  deploy¬ 
ment  time  and  streamlined  operations.” 

And  don’t  underestimate  human  nature 
when  communicating  the  importance  of 
keeping  in  line  with  security  policies.Secur- 
ity  managers  can  cite  embarrassing  public 
incidents  to  reinforce  why  a  corporate  pop¬ 
ulation  needs  to  fall  in  line. 

Privacy  Rights  Clearinghouse  reports  that 
more  than  53  million  Americans’  personal 
information  has  been  compromised  since 
February  2005,  and  Forrester  reports,  “Most 
of  these  breaches  occurred  at  companies 
that  are  household  names,  such  as  Bank  of 
America, Time  Warner  and  Ford.”  According 
to  the  National  Fraud  survey  internal  secu¬ 
rity  attacks  cost  U.S.  businesses  an  average 
of  6%  of  their  gross  annual  revenue. 

“No  one  typical  user,  omitting  those  that 
take  part  in  malicious  activities,  wants  to  be 
the  person  that  compromised  patient  data 
and  put  the  organization  in  jeopard/  says 
Ron  Uno,  manager  of  information  manage¬ 
ment  (and  essentially  acting  CIO)  at 
Kuakini  Health  Systems  in  Honolulu. 

Uno  meets  every  two  months  with  other 
business  unit  leaders  to  reinforce  and 
maintain  awareness  of  established  or  up¬ 
dated  security  practices.  He  says  recent 
public  events  —  such  as  employees  bring¬ 
ing  a  disk  or  laptop  loaded  with  critical 
data  home  —  keep  the  importance  of  secu¬ 
rity  best  practices  fresh  in  managers’ minds. 
In  the  face  of  intentional  breaches,  Uno 
says  action  should  be  swift  and  definitive 
—  yet  also  discreet  to  avoid  public  percep¬ 
tion  problems  —  to  reiterate  to  the  corpo¬ 
rate  community  not  to  trifle  with  the  estab¬ 
lished  security  culture. 

“Security  policies  need  to  have  teeth,  and 
those  who  break  the  policies  need  to  know 
and  endure  the  consequences’’ Uno  says.“lf 
you  educate  the  entire  employee  base 
See  Standard,  page  20 
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Net  infrastructure  for  the  long  run 


TOLLY  ON  TECHNOLOGY 

Kevin  Tolly 


When  we  make  major  infrastruc¬ 
ture  purchases,  we  like  to  know 
that  the  choices  we’ve  made  are 
smart  ones  —  good  for  the  long 
run.  But  the  long  run  in  my  head¬ 
line  refers  to  another  issue  —  the 
capability  of  a  device  to  run  for 
weeks  or  months  without  seizing 
up  or  experiencing  degraded  per¬ 
formance  or  loss  of  features.  It  is 
an  issue  that  seems  finally  to  be 
getting  the  recognition  it 
deserves. 


This  is  nothing  new.  “When  in 
doubt,  reboot”  has  been  an  almost 
daily  fact  of  life  for  users  of  desk¬ 
top  systems  from  Microsoft  Win¬ 
dows  3. 1  through  Win  2000.  Mem¬ 
ory  leaks  were  often  the  culprit. 
Subtle  errors  in  programming 
failed  to  release  memory  until  all 
system  memory  was  exhausted 
and  the  system  could  no  longer 
run  —  until  a  reboot  cleared 
memory  Recent  versions  of 
Microsoft’s  desktop  and  server  sys¬ 
tems  seemed  to  have  overcome 
the  need  for  constant  reboots. 

Today  we  almost  expect  these 
types  of  problems  from  low-end 
network  appliances,  such  as  our 
home  broadband  routers.The  first 
thing  most  of  us  do  when  we  ex¬ 
perience  slowdowns  is  to  pull  the 


plug  and  restart,  which  often  fixes 
the  problem. 

But  when  network  infrastructure 
elements  supporting  business 
users  degrade  to  a  point  where 
they  slow  down,  lose  functionality 
or  hang  and  must  be  rebooted,  it 
is  definitely  a  bad  thing. 

In  response  to  my  recent  col¬ 
umn  about  Dell  LAN  switches, sev¬ 
eral  readers  wrote  to  say  this  was 
the  same  issue  they  had.  A  net¬ 
work  manager  from  a  university  in 
North  Dakota  wrote  in  part: 

“I  wanted  to  like  their  switches. 
The  price  was  right,  seemed  well 
built,  interface  was  good  enough. 
We  bought  some  of  their  switches, 
seemed  to  work  [OK]  at  first,  but 
then  the  lockups  would  happen.lt 
wasn’t  consistent,  but  did  seem  to 


be  consistent  with  increased  traf¬ 
fic.  Too  much  traffic  for  a  long 
period  of  time,  and  they  would 
stop  passing  it.  We  tried  them  on 
our  campus  side,  then  the  dorm 
side,  didn’t  matter.  We  still  have 
them  in  the  corner,  collecting 
dust,  we  take  them  out  when  we 
need  to  have  a  small,  private  net¬ 
work;  for  that  they  work  great.  It 
could  be  that  we  are  spoiled  by 
older  Foundry  Fastlrons.  We  mea¬ 
sure  those  uptimes  in  years,  nor¬ 
mally  only  being  reset  when  we 
have  to  replace  a  UPS.” 

Vendors  listen  to  what  cus¬ 
tomers  want,  and  it  is  clear  that 
long-running  devices  add  to  a 
company’s  value  proposition. 

In  the  past  year,  we’ve  seen 
greater  focus  from  our  vendor 


customers  on  reliability  and 
robustness.  Still,  there  is  nothing 
stopping  users  from  demanding 
more  details  from  vendors  about 
how  their  devices  are  built  and 
what  kind  of  stress  and  regression 
testing  they  are  put  through 
before  release. 

Vendors  that  invest  heavily  in 
gear  and  personnel  focused  on 
improving  quality  will  be  happy 
to  tell  you  all  about  it.  Those  that 
just  slap  their  label  on  a  box  made 
“somewhere”  by  “someone”  will 
try  to  change  the  subject. 

Tolly  is  president  of  The  Tolly 
Group,  a  strategic  consulting  and 
independent  testing  company  in 
Boca  Raton,  Fla.  He  can  be 
reached  at  ktolly@tolly.com. 


Start-up  releases  NAC  device  for  Windows  desktops 


BY  TIM  GREENE 

Start-up  FireEye  is  introducing  a  network 
access-control  appliance  that  monitors  net¬ 
work  traffic  to  discover  and  block  mali¬ 
cious  traffic  aimed  at  Windows  2000  and  XP 
desktops. 

The  FireEye  4200  works  in  two  phases, 
identifying  traffic  that  diverges  from  normal 
and  then  running  that  traffic  through  virtu¬ 
al  machines  on  the  appliance  to  see 
whether  it  is  actually  an  exploit.  Proving  the 


FireEye  4200  runs  suspected  malicious  code  on 
virtual  desktops  to  determine  actual  threats. 


traffic  as  malicious  on  the  virtual  machines 
prevents  false  positives,  says  Ashar  Aziz, 
company  founder,  president  and  CEO. 

The  device  can  be  configured  to  reassign 
the  offending  machine  to  a  quarantine  vir¬ 
tual  LAN,  shut  down  all  network  access  by 
blocking  the  switch  port  to  which  it  is 
attached,  or  create  virtual  access-control 
lists  for  the  port  to  block  the  traffic  that  has 
been  identified  as  malicious  while  allow¬ 
ing  all  other  traffic  from  the  machine  gen¬ 
erating  it. 

It  takes  seconds  to  tens  of  seconds  from 
the  time  malicious  traffic  is  picked  up  to 
when  the  appliance  takes  action  to  isolate 
it.  FireEye  4200  machines  are  attached  to 
spanning  ports  or  test  access  ports, so  they 
are  not  in  line  with  traffic  and  do  not  intro¬ 
duce  delay  as  they  seek  harmful  packet 
flows,  the  company  says. 

While  the  time  it  takes  to  discover  an  ex¬ 
ploit  gives  the  exploit  time  to  unfold  on  the 


production  network,  it  still  discovers  mali¬ 
cious  behavior  in  time  to  curb  an  attack, 
says  Fred  Archibald,  network  manager  for 
the  electrical  engineering  and  computer 
science  department  at  the  University  of 
California  at  Berkeley  The  department  has 
beta  tested  the  device  and  is  installing  it  to 
protect  its  wireless  network.  “It’s  going  to 
limit  how  much  damage  [an  attack]  can 
do,”  he  says.“We  feel  it  will  give  us  at  least  an 
additional  measure  of  protection.” 

Archibald  says  he  tested  InfoExpress  Cy- 
berGatekeeper  gear  that  checks  computers 
for  compliance  with  security  policies 
based  on  a  scan  of  the  device  performed 
by  a  software  agent.  He  says  department 
members  opposed  the  agents,  because 
they  had  too  many  rights  on  the  host 
machine.  They  were  concerned  that  if  the 
agent  were  compromised,  it  could  be  used 
to  steal  proprietary  data. 

Archibald  also  says  endpoint  checking 
doesn’t  necessarily  mean  a  device  is  not  a 
threat.  Zero-day  attacks  and  delay  updating 
signature  libraries  can  leave  devices  open 
to  infection. 

FireEye  competes  against  devices  from 
ConSentry  and  Nevis  that  scan  network  traf¬ 
fic  from  switch-monitoring  ports  and  shut 
down  badly  behaving  machines,  says  Scott 
Crawford,  an  analyst  with  Enterprise  Man¬ 
agement  Associates.  He  says  the  virtual 
machine  component  of  FireEye  is  unique. 

FireEye  4200  communicates  with  switch¬ 
es  via  SNMP  XML  over  HTTP  and  via  com¬ 
mand-line  interface  with  Cisco  switches.  It 
also  can  employ  custom  scripts  to  talk  to 
switches  if  other  methods  don’t  work,  the  j 
company  says. 

While  the  virtual  machines  check  only  for 


exploits  against  Win  2000  and  XP  desktops, 
the  company  says  it  may  later  set  up  server- 
class  versions.The  more  pressing  need  is  to 
protect  LANs  from  infected  machines,  par¬ 
ticularly  laptops  that  come  and  go  from  net¬ 
works,  the  company  says. 

The  device  does  not  authenticate 
machines  or  users,  nor  does  it  scan  them 
for  whether  they  have  an  acceptable  secu¬ 


rity  posture.  But  it  can  work  in  conjunction 
with  other  NAC  schemes  that  authenticate 
and  perform  endpoint  checks. 

Setting  up  an  appliance  entails  assign¬ 
ing  it  an  IP  address,  attaching  it  to  a  switch 
(the  appliance  has  six  10/ 100/ 100Mbps 
copper  Ethernet  ports)  and  setting  what 
machines  should  do  with  malicious 
traffic.  FireEye  4200  costs  $30,000.  ■ 
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about  the  risks,  the  punishment  and  how 
the  company  could  suffer,  then  as  a  securi¬ 
ty  leader  you  have  an  army  of  people  keep¬ 
ing  their  eyes  and  ears  open  and  watching 
out  that  security  policies  are  followed.” 

While  regulatory  compliance  and  very 
public  breaches  may  have  spurred  many 
organizations’  push  to  establish  and  en¬ 
force  consistent  security  practices,  it  cannot 


remain  the  primary  driver  for  an  advanced 
security  culture.  For  Kirkwood,  his  three-to- 
five  year  strategic  plan  for  enterprise  risk 
management  at  American  Express  includes 
tactical  milestones  to  keep  business  units 
motivated  within  the  security  mind-set. 

You  can’t  put  security  measures  in  place 
only  because  regulations  require  them,  he 
says:  “You  have  to  have  an  enterprise  risk 
management  culture  that  security  best 
practices  and  other  IT  and  business  initia¬ 
tives  feed  into  organically.  ■ 


Inside  The  Security  Standard 

A  preview  of  key  sessions  at  this  new  event,  taking  place  in  Boston  on 
Sept.  6  and  7. 

•  Top  security  concerns:  A  360-degree  view  from  Microsoft. 

Microsoft's  top  security  executives  will  answer  some  of  the  most  pressing  questions  IT  leaders  have  about 
emerging  security  threats,  privacy  and  compliance  issues,  and  will  discuss  the  need  tor  security  to  move 
beyond  being  a  cost  center  to  being  a  business  enabler. 

•  Lessons  learned:  A  case  study  in  disruption  management  and  continuity  excellence. 

Driven  by  highly  publicized  incidents,  such  as  Hurricane  Katrina  in  2005,  as  well  as  partner  and  government 
regulations,  organizations  arc  taking  their  business  continuity  plans  more  seriously  than  ever  -  and  security 
teams  arc  leading  the  charge.  Hear  front  Wal-Mart  Stores'  director  of  emergency  management, 

•  See  the  complete  conference  agenda:  www.thesecuritystandard.net/agenda.html 
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MICROSOFT.COM/SECURITY/IT 

Microsoft 


Find  tools  and  guidance  to  defend  your  network  at  microsoft.com/security/IT 

Free  Tools  and  Updates:  Streamline  patch  management  *>  Antivirus  for  Exchange:  Download  a  free  trial  of  Antigen  for 
with  automated  tools  like  Windows  Server™  Update  Services.  Exchange  and  arm  your  e-mail  server  with  powerful  multi-engine 

And  verify  that  your  systems  are  configured  for  maximized  protection  from  viruses,  worms,  and  inappropriate  content. 

security  with  Microsoft  Baseline  Security  Analyzer.  „  Learningpaths,orSecurity:Takeadvantageof  in-depth 

Microsoft  Security  Assessment  Tool:  Complete  this  online  training  tools  and  security  expert  webcasts  organized 

free,  online  self-assessment  to  evaluate  your  organization's  around  your  specific  needs.  Then  test  your  security  solutions 

security  practices  and  identify  areas  for  improvement.  in  virtual  labs,  all  available  on  TechNet. 


Microsoft 
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WINDOWS  LINUX 


RPRISE  COMPUTING 

a  Unix  m  servers  m  storage  ■  grid/utility  m  mobile  computing 


Centeris  eyes  Windows/Linux  simplicity 

Likewise  2.0  adds  management  support  for  DNS,  firewall  servers. 


How  Likewise  works 


Centeris’  software  is  designed  for  managing  both  Windows  and  Linux  servers 
from  a  Windows  console. 

Samba  Apache  DNS 
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Q  The  Likewise  2.0  console  is  installed  on  a  systems  administrator's  Windows  console. 
B  Likewise  agents  are  installed  on  Linux  servers. 


B  Using  the  console,  an  admin  can  configure  Linux  server  roles,  join  Linux  servers  to  Active  Directory 
and  manage  servers  day  to  day. 


BY  BOB  BROWN 

Centeris  CEO  Barry  Crist  can  rattle  off  a 
litany  of  reasons  for  why  you  should  give 
his  company’s  management  software  a 
whirl.  But  perhaps  his  most  illustrative  sell¬ 
ing  point  is  this:  “What  if  your  Linux 


■  Palm's  plans  for  future  prod¬ 
ucts  could  be  affected  by  delays  in 
the  development  of  a  new  version 
of  the  Palm  OS  software,  the  com¬ 
pany  warned  in  a  regulatory  filing, 
The  company  has  an  agreement 
with  its  former  subsidiary, 
PalmSource,  to  co-develop  the 
operating  system  software  for  use 
in  its  PDAs  and  smart  phones. 
However,  PalmSource,  now  owned 
by  Access  of  Japan,  did  not  meet 
some  of  the  deadlines  set  out  by 
the  agreement,  Palm  said  in  a  fil¬ 
ing  last  month  with  the  Securities 
and  Exchange  Commission.  Palm 
must  pay  Access  a  minimum 
license  and  royalty  fee  of  $42.5 
million  a  year  this  year,  but  the 
minimum  payment  obligation  in 
future  years  has  been  waived, 
because  Access  missed  the  devel¬ 
opment  milestones.  A  spokes¬ 
woman  for  Access  in  Europe 
would  not  comment  on  the  devel¬ 
opment  delays,  but  said  work  on 
the  software  is  continuing  at  sites 
in  the  United  States,  Europe  and 
China. 

si  EMC  last  week  announced  a  new 
version  of  its  storage-area  network 
validation  and  design  tool  that 
includes  support  for  zoning  — 
establishing  connections  between 
servers  and  storage  —  to  create 
virtual  SANs.  Users  can  validate 
and  simulate  changes  to  existing 
zones,  create  new  ones  and  estab¬ 
lish  policies.  SAN  Advisor  5.3, 
which  starts  at  $5,000,  includes  150 
best-practice  rules. 


administrator  goes  on  vacation?” 

The  2-year-old  company  which  is  set  to  re¬ 
lease  the  second  version  of  its  Likewise  pro¬ 
duct  this  week,  specializes  in  helping  small 
and  midsize  businesses  (SMB)  manage 
Windows  and  Linux  servers  from  a  com¬ 
mon  Windows  console,  including  the 
Microsoft  Management  Console  (see 
graphic).  More  specifically  the  server  and 
agent  software  enables  Windows  adminis¬ 
trators  to  manage  Linux  systems  and  hook 
them  into  Active  Directory  while  shielding 
them  from  the  command-line  interfaces 
and  other  intricacies  of  the  open  source 
operating  system. 

Version  2.0  features  support  for  new 
server  roles,  including  DNS  and  firewalls. 
The  company  started  with  file,  print  and 
Web  server  support  in  the  first  edition 
launched  at  the  start  of  the  year. 

Also  new  are  more  of  what  Crist  calls 
power-user  features.These  are  for  adminis¬ 
trators  who  aren’t  spooked  by  Linux  and 
want  to  use  command-line  interfaces  or 
do  Secure  Shell  sessions  to  remotely  man¬ 
age  Linux  servers. 

Keeping  its  eyes  on  the  proliferating  num¬ 
ber  of  Linux  distributions,  Centeris  has  also 
reworked  its  software  to  dynamically  sup¬ 
port  new  iterations.  Crist  says  it  has  become 
especially  important  to  handle  new  64-bit 
versions  of  Linux,  as  even  SMBs  are  deploy¬ 
ing  or  at  least  asking  about  them. 

Centeris  won’t  divulge  how  many  organi¬ 
zations  are  buying  its  software,  though  it 
does  say  that  4,500  companies  have  down¬ 
loaded  its  software  for  evaluation.  The  35- 
person  company  is  partnering  with  heavy 
hitters  IBM,  Microsoft,  Novell  and  Red  Hat 
to  get  its  software  into  customers’  hands. 

Industry  watchers  say  that  while  a  certain 
amount  of  integrated  Windows/Linux  man¬ 
agement  support  can  be  had  from  manage¬ 
ment  platform  vendors,  smaller  companies, 
such  as  Centeris,  are  really  focusing  on  the 
issue.  Others  in  the  market  include  Centrify 
Qlusters  and  Quest. 

“Companies  getting  the  most  bang  for 
the  buck  out  of  Linux  have  one  team  man¬ 
aging  Linux  and  Windows,”  says  Andi 
Mann,  a  senior  analyst  at  Enterprise 
Management  Associates. 

One  organization  sold  on  Centeris  is  the 
Nixa  R-Ii  School  District  in  Missouri.  “We 
really  didn’t  have  any  disagreement  as  a  de¬ 


partment  on  managing  Linux  through  Win¬ 
dows,  as  we  try  not  to  fall  into  the  pit  of 
being  ‘Linux  guys’  or  showing  any  bias  that 
clouds  our  judgment  with  respect  to  our 
district  goals  and  purpose,”  says  Charlie 
Staats,  network  support  technician  for  the 
school  district,  which  relies  on  more  than 
30  servers,  including  Linux,  Windows  and 
Mac  machines. 

Staats  went  with  Centeris  to  avoid  man¬ 
ual  setups  and  configurations.  “When  I 
was  researching  this  Linux-to- [Active 
Directory]  connection,  Centeris  was  the 
only  automated,  fully  supported  solution 
I  found,”  he  says. 

Convincing  Linux  backers 

Some  observers  say  wresting  control  of 
Linux  servers  from  Linux  boosters  isn’t  a 
cinch. 

“Centeris’  newest  offering  . .  .would  be  the 
perfect  tool  if  the  sysadmin  was  out  on 
vacation.lt  seems  to  provide  the  basic  tools 
to  manage  a  Linux  server,  but  couldn’t 
match  the  power  of  even  a  junior  admin  at 
the  keyboard,”  says  Matt  Darby  IT  manager 
for  Dynamix  Engineering  in  Columbus, 
Ohio,  who  checked  out  the  Likewise  2.0 
demo  on  Centeris’  site.  “Managing  servers 
and  checking  logs  is  one  thing,  but  servers 
need  maintenance,  not  just  managing.” 

Crist  acknowledges  that  winning  over 
Linux  advocates  isn’t  easy  despite  the 
“error-prone”  techniques  used  by  many  to 


manage  Linux  systems,  though  he  says  Cen¬ 
teris  has  had  success  when  customers  see, 
for  example,  how  committed  the  company 
is  to  advancing  such  technologies  as  the 
Samba  open  source  file  and  print  program 
and  incorporating  it  into  Likewise. 

Centeris  might  even  be  open  at  some 
point  to  rolling  out  software  that  enables 
companies  to  manage  Windows  and  Linux 
servers  not  just  from  Windows  consoles,  but 
from  Linux  ones. 

“It’s  come  up,”  says  Crist,  a  veteran  of  a 
couple  of  start-ups,  plus  much  bigger  play¬ 
ers,  including  Mercury  Interactive. 

Centeris  earlier  this  year  banked  its  sec¬ 
ond  round  of  venture  financing,  bringing 
its  total  to  just  less  than  $17  million  from 
Ignition  Partners,  Trinity  Ventures  and 
Intel  Capital. 

Crist  says  the  company’s  $  1 1 .5  million  sec¬ 
ond-round  funding  announced  in  March 
should  last  a  couple  of  years,  maybe  even 
to  cash-flow  positive  status.  He  says  that 
given  the  company’s  easy  software  down¬ 
load  system  and  major  partners,  Centeris 
doesn’t  need  to  spend  a  boatload  on  out¬ 
side  sales  people,  typically  a  big  software 
company  cost. 

Likewise  2.0  costs  $350  per  server,  with  dis¬ 
counts  available  for  five  or  more  servers.  ■ 
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Outsourcing  gets  homey 

Homeshoring  provides  call  center  alternative  to  offshoring. 


Short  Takes 


■  IBM  last  week  announced  it  is  buy¬ 
ing  Webify  Solutions,  marking  its 
third  buyout  in  the  service-oriented 
architecture  technology  market.  The 
acquisition  should  be  particularly  use¬ 
ful  to  IBM,  because  it  targets  SOA 
development  and  deployment  in  the 
healthcare  and  insurance  industries, 
the  prime  focus  of  Webify's  technolo¬ 
gies.  Based  in  Austin,  Texas,  privately 
held  Webify  provides  industry-specific 
software  and  services  to  let  users 
develop  and  deploy  SOA  applications 
more  rapidly.  Its  product  portfolio 
includes  hundreds  of  prebuilt,  stan- 
dards-based  accelerators,  tools  and 
frameworks  that  can  be  used  to 
resolve  particular  industry  issues:  for 
instance,  ensuring  that  healthcare 
SOA  applications  comply  with  the 
Health  Insurance  Portability  and 
Accountability  Act  federal  standards. 
Last  year,  IBM  made  two  SOA  acqui¬ 
sitions,  buying  hardware  appliance 
firm  DataPower  in  October,  and  por¬ 
tal  technology  and  tools  company 
Bowstreet  in  December.  IBM  has  not 
disclosed  the  financial  terms  of  its 
Webify  purchase. 

■  CA  has  appointed  Ajei  Gopal, 
Symantec’s  former  CTO,  to  lead  its 
enterprise  systems  management  busi¬ 
ness  unit.  Gopal  is  taking  over  from  Al 
Nugent  as  senior  vice  president  and 
general  manager  of  the  enterprise 
systems  management  business  unit 
and  will  report  to  Russ  Artzt,  execu¬ 
tive  vice  president  of  products. 

■  SAP  will  invest  $1  billion  in  India 
over  the  next  five  years,  company 
CEO  Henning  Kagermann  told 
reporters  in  Delhi  last  week.  SAP,  of 
Walldorf,  Germany,  also  announced 
that  20%  of  its  global  research  and 
product  development,  as  well  as  ser¬ 
vices  and  support,  will  come  from 
India  by  year-end.  SAP  has  a  soft¬ 
ware-development  center  in  Banga¬ 
lore,  called  SAP  Labs  India,  its  largest 
outside  Germany.  The  company 
announced  last  year  it  was  increasing 
staff  at  the  center  to  3,500  by  year- 
end.  The  company  has  about  2,750 
employees  there. 


BY  JENNIFER  MEARS 

It’s  not  surprising  that  1 -800-Flowers.com 
sees  its  business  spike  around  Valentine’s 
Day,  Mother’s  Day  and  Christmas.  What 
might  surprise  you,  however,  is  that  the 
company  meets  its  increased  call  volume 
with  customer-care  agents  who  just  might 
be  answering  the  phone  in  bathrobe  and 
slippers. 

1-800-Flowers.com  is  among  a  growing 
number  of  companies  turning  to  service 
providers  that  employ  home-based  call 
center  agents  or  let  their  internal  customer- 
care  agents  work  from  home  if  they  choose. 
The  trend  has  been  gaining  momentum  for 
a  few  years,  but  it’s  one  that  IDC  says  is 
poised  to  take  off. 

“It’s  really  something  that  is  exploding  as 
far  as  I’m  concerned,”  says  Lou  Orsi,  direc¬ 
tor  for  vendor  relations  and  strategic  proj¬ 
ects  at  l-800-Flowers.com.“When  you  think 
about  it,  it  really  makes  a  lot  of  sense.” 

According  to  a  recent  IDC  study  there 
were  about  112,000  home-based  agents  in 
2005,  but  that  number  is  expected  to  nearly 
triple  over  the  next  few  years  and  surpass 
328,000  by  2010. 

IDC  says  there  are  several  factors  making 
work-at-home  arrangements  attractive 
(see  graphic).  Not  the  least  is  advanced 
technologies,  such  as  wider  access  to 
broadband,  that  let  home-based  em¬ 
ployees  be  as  productive  as  their  brick- 
and-mortar  counterparts. 

Add  to  that  the  savings  in  gas  and  com¬ 
muting  time  and  the  convenience  of  rolling 
out  of  bed  and  into  an  office  without  set¬ 
ting  foot  out  the  door,  and  it’s  no  surprise 
that  companies  say  they  attract  and  retain 
higher-caliber  employees  with  the  work-at- 
home  approach. 

Analysts  don’t  expect  the  use  of  home- 
based  call  center  agents  —  a  practice  IDC 
terms  homeshoring  —  to  displace  off¬ 
shoring,  but  they  do  expect  the  work-at- 
home  option  to  play  a  larger  role  in  an 
enterprise’s  outsourcing  strategy 

“Rather  than  think  of  [homeshoring]  as 
an  alternative  to  offshoring,  I  think  of  it  as 
companies  enhancing  their  portfolio  mix 
of  services,” says  Stephen  Loynd.a  program 
manager  at  IDC. 

Some  calls  may  go  to  India,  others  to 
another  near-shore  market,  such  as  Mexico, 
“and  then  there  are  a  certain  amount  of 
calls  that  would  best  be  handled  in  the 
United  States  and,  by  extension,  by  a  home- 


based  agent,”  Loynd  says. 

In  situations  where  geographic  familiar¬ 
ity  or  culture  and  language  are  particu¬ 
larly  important,  the  calls  could  go  to  a 
home-based  agent,  rather  than  going  off¬ 
shore,  Loynd  says.  Companies  cut  real 
estate  costs  with  home-based  agents,  so 
while  costs  aren’t  at  the  offshoring  level, 
they  are  reduced. 

“It’s  a  little  bit  more  expensive  than  going 
offshore,  but  I  think  you  get  what  you  pay 
for]’ Orsi  says.  “And  it’s  less  than  your  tradi¬ 
tional  brick-and-mortar  pricing  models. 
Second, the  quality  of  the  person  you’re  get¬ 
ting  is  far  superior’ 

Alpine  Access  (which  Orsi  uses),VIPdesk, 
West  and  Willow  are  among  a  growing  list 
of  outsourcing  firms  that  use  home-based 
agents.  Alpine  Access  says  homeshoring 
has  let  it  tap  into  employees  more  attuned 
to  the  business  of  its  customers,  which 
include  1-800-Flowers.com,  J.Crew  Group 
and  Office  Depot. 

“The  clients  want  experts  in  their  subject 
matter,  and  we’re  able  to  do  that  because 
we’re  not  geographically  limited  like  a  tra¬ 
ditional  call  center,”  says  Brad  Krinhop, 
COO  of  Alpine  Access. 

By  removing  physical  limitations,  com¬ 
panies  such  as  Alpine  Access  also  are 
putting  together  more  highly  educated, 
dependable  workforces. 

Although  a  typical  brick-and-mortar  call 
center  may  be  staffed  primarily  by 
employees  in  their  early  20s  with  very  little 
college  education,  the  average  age  at 
Alpine  Access  is  38,  and  80%  have  at  least 
some  college  education  —  “and  a  lot 
more  work  experience,”  Krinhop  says. 

At  the  same  time,  home-based  agents 
are  likely  to  be  happier  and  thus  more 
dependable.  Typical  call  centers  can  deal 
with  turnover  rates  of  about  65%  annually, 
with  some  even  higher,  but  centers  with 
home-based  agents  see  turnover  rates  of 
less  than  10%  in  most  cases,  says  Chuck 
Wilsker,  president  and  CEO  of  the 
Telework  Coalition. 

Another  benefit  of  telecommuting  is 
business  continuity,  Wilsker  says. 

“Business  continuity  is  a  big  issue  for 
home-based  work  now]’  he  says.  “What  if 
people  are  quarantined,  what  about  the 
prospect  of  terrorism,  hurricanes,  other 
severe  weather?  A  lot  of  people  are  look¬ 
ing  at  business  continuity  and  see  home- 
based  agents  as  the  way  to  go.” 


Close  to  home 

Using  home-based  customer- 

care  agents  is  on  the  rise.  IDC 

pinpoints  a  few  reasons  why: 

•  Technology  advances:  Broadband  and  VoIP 
simplify  the  process  of  linking  home-based 
agents  with  customers. 

•  Soaring  gas  prices:  Working  from  home 
cuts  out  not  only  gas  costs,  but  also 
commuting  time. 

•  Cost  of  living:  With  home  prices  on  the  rise, 
people  are  forced  to  live  outside  of  major 
metropolitan  areas  and  face  lengthy 
commutes  to  brick-and-mortar  facilities. 

•  Pandemic  flu  or  natural  disasters:  Companies 
dealing  with  severe  weather,  natural  disasters, 
or  pandemic  flu  will  be  better  able  to  keep 
their  business  running  if  employees  don’t 
have  to  leave  the  house  to  do  their  jobs. 

•  Impending  wave  of  retirees:  Experienced 
retirees  may  be  willing  to  work  from  home 
as  customer-care  agents. 


Security,  which  initially  was  a  concern 
when  it  came  to  work-at-home  agents,  is 
now  seen  as  a  benefit.  Legislation  gives 
companies  greater  control  over  sensitive 
data  in  the  United  States  than  overseas, 
Wilsker  points  out. 

Still,  many  companies  are  hesitant  about 
having  employees  based  at  home. 

“We  really  do  see  this  taking  off,  but 
today  people  seem  more  comfortable 
sending  things  halfway  around  the  world 
than  having  people  work  from  home,” 
Wilsker  says. 

Experts  expect  that  to  change  as  enter¬ 
prises  see  peers  succeed  with  the  home- 
based  model.  1-800-Flowers.com,  for  exam¬ 
ple,  is  so  happy  with  its  experience  with 
Alpine  Access  it  is  launching  its  own  work- 
at-home  pilot  for  its  internal  employees. 

“We  have  about  50  home  agents,  and 
we’re  looking  to  double  that  by  year-end,” 
Orsi  says.“The  amount  of  calls  we  get  from 
people  looking  for  these  types  of  jobs  is 
unending.”  ■ 
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How  to  shrink  a  wide  digital  divide? 

Even  with  increasing  privatization, 
competition  and  independent  regula¬ 
tion  . . .  Internet  deployment  in  the 
poorer  countries  is  very  limited. 


NET  INSIDER 

Scott  Bradner 


The  core  problem  in  the  net¬ 
work-neutrality  debate  is  an  eco¬ 
nomic  one.  Once  upon  a  time, 
ISPs  thought  they  could  make 
money  by  offering  connections  to 
the  Internet.  Most  of  the  larger 
ISPs  also  made  some  money 
offering  extra  services,  including 
e-mail  and  Web  hosting,  but  their 
basic  revenue  plan  was  based  on 
plain  Internet  connectivity. 

This  turned  out  to  be  a  hard  way 
to  make  a  living.  Over  the  past  few 
years  telephone  and  cable  com¬ 
panies  have  become  the  largest 
ISPs.  In  general,  these  companies 
say  that  being  a  pure  ISP  is  a  good 
way  to  lose  a  lot  of  money  —  par¬ 
ticularly  if  they  need  to  spend  a 
lot  to  upgrade  their  infrastructures 
—  thus,  they  hunger  to  make  extra 
money  from  the  value  of  the  bits 


flowing  over  their  networks. 
Competition  has  not  yielded  the 
kind  of  benefits  to  the  ISP  busi¬ 
ness  that  it  has  in  other  areas,  such 
as  cell  phone  service,  perhaps  be¬ 
cause  there  is  little  real  competi¬ 
tion  but  also  maybe  because  the 
cost  of  the  new  infrastructure  is 
very  high. 

One  approach  being  tried  in  a 
number  of  places  to  reduce  the 
cost  of  new  infrastructure  is  to 
have  government  pay  for  it  and 
make  it  available  at  low  cost  to 
multiple  ISPs  (see  www.nwdoc 
finder. com/4625). The  hope  is  that 
ISPs  will  use  the  infrastructure 
and  compete  for  customers,  and 
will  see  that  a  neutral  network  is  a 
competitive  advantage.  This  is  a 
different  approach  from  having 
governments  become  or  bless 
ISPs  (see  www.nwdocfinder.com/ 
4626). 

The  United  States  is  not  the  only 
place  where  competition  has  not 
brought  about  the  deployment  of 
good,  neutral  Internet  infrastruc¬ 
tures.  The  U.N.  Conference  on 


Trade  and  Development  (UNC¬ 
TAD)  has  just  issued  a  report  on 
the  digital  divide  between  devel¬ 
oping  and  developed  countries 
(see  www.nwdocfinder.com/4627 
that  shows  how  out  of  balance  the 
Internet  world  is.  For  example,  the 
report’s  highlights  (see  www. 
nwdocfinder.com/4628)  note  that 
“a  person  living  in  a  high-income 
country  is  over  22  times  more  like¬ 
ly  to  be  an  Internet  user  than  one 
in  a  low-income  country’ 

It  also  shows  that  even  with 
increasing  privatization,  competi¬ 
tion  and  independent  regulation 
—  three  key  factors  in  the  devel¬ 
opment  of  vibrant  telecommuni¬ 
cations  in  much  of  the  world  — 
Internet  deployment  in  the  poorer 
countries  is  very  limited.  The 
report  examines  the  possibility  of 


government-funded,  neutral 
Internet  backbones  bringing  con¬ 
nectivity  to  villages  in  poor  coun¬ 
tries.  Local  ISPs  and  providers  of 
local  services,  such  as  schools, 
small  phone  companies,  health 
clinics  or  Internet  cafes,  could 
connect  to  these  backbones  at 
their  own  expense. 

The  UNCTAD  report  cites  the 
importance  of  the  NSFNet  in  the 
creation  of  the  current,  widely 
deployed  U.S.  Internet.  It  also 
points  out  that  the  money  the  U.S. 
government  put  into  the  NSFNet 
and  other  research  networks  was 
small  potatoes  compared  with  the 
benefits  the  Internet  has  brought. 

My  continuing  great  worry  is 
that  total  reliance  on  individual 
ISPs  —  in  the  United  States  or 
elsewhere  —  to  fund  the  back¬ 


bone  networks  necessary  for 
advanced  Internet  applications  is 
leading  us  down  a  path  to  an 
Internet  without  freedom  to  inno¬ 
vate  or  select  an  application  ser¬ 
vice  provider  of  one’s  choice  — 
all  because  the  infrastructure  cost 
is  so  high, and  there  is  so  little  fore¬ 
seeable  competition.  Maybe  it  is 
time  to  take  a  very  serious  look  at 
alternate  ways  to  fund  the  back¬ 
bones.  The  UNCTAD  report  pro¬ 
vides  one  suggestion;  another 
might  be  privately  funded  but  reg¬ 
ulated  common-carrier  back¬ 
bones  that  multiple  ISPs  could 
use.  In  any  case,  I  find  it  hard  to 
see  today’s  mostly  open  Internet 
in  the  future  if  we  keep  muddling 
along  the  path  we  are  on. 

Disclaimer:  At  its  best,  Harvard  is 
a  muddle-reducer,  but  the  univer¬ 
sity  has  not  expressed  an  opinion 
on  this  particular  muddle. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.  com. 


Microsoft  takes  step  toward  management  standard 

IBM,  HP  and  others  partnering  on  Service  Modeling  Language  specification. 


BY  JOHN  FONTANA 

Microsoft  last  week  said  it  was  working 
with  nine  partners  to  create  a  standard 
modeling  language  to  help  corporations 
manage  their  infrastructure  better. 

The  group  released  the  draft  specification 
of  the  Service  Modeling  Language  (SML), 
which  is  also  supported  by  IBM  and  HP 
among  others  (see  graphic)  and  is  based 
on  Microsoft’s  System  Definition  Model 
(SDM).  Management  stalwart  CA  was  con¬ 
spicuously  absent  from  the  list  of  support¬ 
ers,  but  Microsoft  officials  said  they  are  con¬ 
fident  CA  will  join  the  effort. 

The  group  hopes  to  submit  the  SML 
specification  to  a  standards  body  by  year- 
end  and  have  it  ratified  in  2007.The  group 
did  not  say  which  standards  body  it  would 
target. 

The  WS-Management  specification,  how¬ 
ever,  was  submitted  in  2005  to  the  Dis¬ 
tributed  Management  Task  Force.That  spec¬ 
ification,  which  would  serve  as  a  transport 
mechanism  for  SML  data,  was  co-written  by 
Advanced  Micro  Devices,  BMC  Software, 

A, Dell, Fujitsu, Intel, Microsoft, NEC, Novell, 
Sun  and  Symantec. 

NETWORK  MANAGEMENT 
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SDM  was  introduced  in  2003  as  the  cor¬ 
nerstone  to  Microsoft’s  Dynamic  Systems 
Initiative  (DSI),  a  10-year  plan  to  create  a 
comprehensive  management  platform  for 
Windows.SDM  is  defined 
by  XML-based  docu¬ 
ments  embedded  into 
applications  or  network 
resources  so  they  can 
communicate  manage¬ 
ment  and  operational 
needs  to  the  network. 

Developers  use  SDM  to 
embed  modeling  infor¬ 
mation  in  applications 
and  devices,  as  well  as  in 
services  such  as  configu¬ 
ration  and  security  poli¬ 
cies  associated  with  their 
operation.  IT  uses  the 
models  to  monitor  such 
issues  as  health,  service 
levels,  availability  and 
capacity 

Microsoft  said  SML-based  resource  mod¬ 
els  would  become  a  set  of  reusable  build¬ 
ing  blocks  that  would  be  applied  to  specif¬ 
ic  services,  therefore  eliminating  the  need 
to  write  custom  models  for  every  node  on 
the  network. 

While  experts  have  validated  Microsoft’s 


DSI  concept,  they  also  have  said  the  com¬ 
pany  must  turn  SDM  over  to  a  standards 
body  for  it  to  blossom  beyond  a  Windows¬ 
centric  management  technique. 

Microsoft  said  in  April  it 
was  working  on  Version  3 
of  SDM,  the  version  it 
hoped  to  get  its  partners 
to  rally  around.  Indeed, 
SDM  3.0  is  the  version  at 
the  foundation  of  SML, 
says  Kirill  Tatarinov,  cor¬ 
porate  vice  president  of 
the  Windows  and  enter¬ 
prise  management  divi¬ 
sion  at  Microsoft.  “Today, 
effectively  SDM  comes  to 
fruition,”  he  says.  “[Stan¬ 
dardization]  will  help 
our  customers  and  all 
the  vendors  and  devel¬ 
opers  to  do  a  much  bet¬ 
ter  job  defining  comput¬ 
er  resources  and  making  sure  systems  inter¬ 
operate  from  the  management  side,  the 
development  side,  and  the  operations  side.” 

Rick  Telford,  IBM’s  vice  president  of  auto¬ 
nomic  computing,  says: “This  is  important 
for  the  industry  because  we  have  all  strug¬ 
gled  with  the  complexity  of  IT  data  center 
issues,  and  we  all  realize  that  adding  stan¬ 


dards  to  remove  complexity  for  our  cus¬ 
tomers  is  of  paramount  importance.  [M]uch 
like  a  programming  language  defines  pro¬ 
grams,  SML  will  give  us  a  common  way  to 
define  [management]  models.” 

Microsoft  has  built  early  versions  of  SDM 
into  its  software;Visual  Studio  development 
tools  are  an  example.  SDM  3.0  will  be  sup¬ 
ported  in  forthcoming  versions  of  Microsoft 
Operations  Manager,  SMS,  System  Center 
Service  Desk,  Longhorn  Server  and  Visual 
Studio. 

Microsoft  plans  to  SDM-enable  all  its  infra¬ 
structure  software,  including  the  operating 
system,  so  SDM  management  models  can 
be  used  to  repair,  troubleshoot  and  report 
on  network  health.  ■ 


Best  practices  and  new  technology 
have  made  network  management  hot. 

Where  can  you  learn  and  see  what's  new?  Attend 
Network  Worlds  free  IT  Roadmap  Dallas  Event  in 
September.  One  day,  seven  tracks  and  40  IT  all¬ 
stars,  analysts,  vendors,  user  case  studies  ready 
to  work  for  you.  Qualify  to  attend  free  at: 
www.nwdocfinder.com/4129 


Working  with 
Microsoft 

Some  of  the  industry's 
biggest  names  are  teaming 
with  Microsoft  to  standard¬ 
ize  a  management  model¬ 
ing  language. They  include: 

BEA  Systems  HP 

BMC  Software  IBM 

Cisco  Intel 

Dell  Sun 

EMC 


Where  Can  You  Turn  for 
a  Total  Solution? 

As  a  total  solutions  provider,  NEC 
understands  the  complexities  today’s 
converged  networks  can  present  to  your 
business.  With  our  proven  experience, 
we  know  what  it  takes  to  help  you  avoid 
traveling  in  the  wrong  direction. 

NEC  delivers  the  most  choices  of  IP 
communications  platforms  to  meet  the 
unique  needs  of  your  business.  Add  to 
that  a  strong  portfolio  of  applications  and 
services,  and  before  you  know  it,  your 
business  is  traveling  in  the  direction  of 
improved  customer  experience,  enhanced 
employee  productivity,  increased  revenue 
generation  and  maximum 
return  on  investment. 


Why  go  in  different  directions  when  you  can 
focus  on  a  Total  Solution?  Turn  to  NEC! 


www.necunified.com/ip 
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MICROSOFT’S  FUTURE 
IN  SERVICES 


Microsoft's  services  picture  becoming  clear 


Service  transformation 


Here  is  a  look  at  some  services  Microsoft  offers  or  has  in  development. 


Services 

Description 

Comments 

Windows  Live 

Coilection  of  nearly  50  online  services  from 
search  to  shopping  to  security. 

Microsoft  plans  to  make  this  the  hub  for 
melding  its  corporate  software  with  services. 

Office  Live 

Nothing  to  do  with  Office  suite  of  productivity 
applications  but  rather  Web  site  hosting 
and  tools  for  small  businesses. 

Ongoing  trial  is  popular  but  reality  of  its 
appeal  will  arrive  when  fees  kick  in  at  the  end 
of  the  year  for  some  services. 

Office  Live 
Meeting 

Web  conferencing  service. 

Product  of  an  acquisition  that  is  being  tied 
to  corporate  collaboration  platform. 

Exchange 

Edge 

Services 

E-mail  hygiene  service. 

Also  acquired  and  being  tied  to  corporate 
messaging  platform. 

Dynamics 

GRM  Live 

First  corporate  application  slated  for  services 
model.  Release  scheduled  for  mid-2007. 

Newest  offering  of  software  that  also  is 
offered  in  an  on-premise  and  hosted  version. 

Excel 

Services 

Popular  spreadsheet  will  be  paired  with  back¬ 
end  server  for  file  sharing  with  Office  2007. 

Integration  of  Excel  with  SharePoint  Server 
in  model  that  is  more  hosting  than  services. 

An  image  of  Microsoft’s  future  — 
delivering  software-as-a-service  to 
corporate  customers  —  finally  is 
starting  to  develop,  although  the 
company  and  observers  agree  there  are 
many  challenges  ahead. 

That  picture,  while  not  ready  to  be  hung 
on  a  wall,  is  being  brought  into  focus  by 
Microsoft’s  development  of  Windows  Live 
consumer  services;  Office  Live,  which  is 
targeted  at  small  and  midsize  businesses 
(SMB);  search  technologies  that  meld 
locally  stored  and  Internet-based  data; 
and  the  recently  introduced  Dynamics 
CRM  Live  enterprise  application  service 
set  to  debut  in  2007. 

When  they  ship,  the  company  plans  to 
paint  Vista  and  Office  2007  into  the  portrait, 
integrating  Office  ShareFbint  Server  2007 
and  Windows  Vista  with  desktop  and  on¬ 
line  search  technologies,  for  example. 

But  beyond  that,  Microsoft  is  heavy  on  the 
strategy  and  vision. 

“Today  Microsoft  is  doing  a  lot  of  market¬ 
ing,  and  customers  are  certainly  looking 
over  their  shoulders  to  see  when  Microsoft 
realistically  will  enter  the  [software-as-a- 
service]  market,”  says  Rebecca  Wetteman, 
vice  president  of  research  at  Nucleus 
Research.  “Microsoft  is  a  little  behind  the 
ball  in  the  on-demand  space.  Having  some 
hosted  applications  is  not  necessarily 
going  to  cut  it.” 

R&D  boost 

For  now,  Microsoft  plans  to  use  its  platform 
of  applications  and  infrastructure  software 
to  enter  into  the  world  of  services,  and  the 
company  has  earmarked  an  additional 
$500  million  in  its  fiscal  2007  budget  for 
R&D  on  Internet-based  services,  including 
software  and  advertising-based  services  like 
those  made  popular  by  Google. 

“By  embracing  services  in  most  every¬ 
thing  we  do,  the  potential  for  this  com¬ 
pany  to  positively  impact ...  the  operation 
of  business  has  never  been  greater,”  Chief 
Software  Architect  Ray  Ozzie  said  at  the 
company’s  annual  meeting  for  financial 
analysts  last  month. 

Ozzie,  who  is  replacing  Bill  Gates  as  he 
moves  out  of  his  day-to-day  company 
duties  over  the  next  24  months,  is  leading 
the  charge  toward  what  he  calls  the  ser- 
v;o  s  transformation,  a  change  fostered  by 
owerfu!  edge  devices  and  centralized  ser¬ 
vices  —  and  high-bandwidth  pipes  to  con¬ 
nect  the  two. 

That  transformation  includes  going  toe  to 


toe  with  Google,  Yahoo  and  others  to  pro¬ 
vide  consumer  and  corporate  online  ser¬ 
vices,  but  Ozzie  says  those  are  only  a  start  of 
a  stepwise  process  that  will  see  first  SMBs, 
then  large  corporations  adopting  Internet- 
based  services,  which  Ozzie  says  will  be 
defined  by  integrating  desktop-based  soft¬ 
ware  and  server  applications  with  online 
services  anchored  by  Windows  Live.  Users 
would  access  those  services  through 
browsers,  mobile  devices  or  rich  clients, 
where  local  applications  and  data  are  aug¬ 
mented  by  one  or  multiple  services. 

Critics  say  before  Microsoft  can  make  that 
vision  a  reality,  it  has  to  surmount  chal¬ 
lenges  that  include  integrating  its  portfolio 
of  corporate  software  into  its  services 
model,  explaining  differences  between 
hosted  and  on-demand  versions  of  soft¬ 
ware,  avoiding  a  cannibalization  of  its  vast 
partner  community,  and  outsmarting  a 
growing  collection  of  vendors  offering 
online  alternatives  to  traditional  software. 

Where  are  the  roots? 

“Some  may  view  what  we’re  doing  here  as 
a  big,  bold  bet,”  Ozzie  says.“But  frankly  it’s  a 
very  natural  bet  for  us  as  a  platform  com¬ 
pany  Our  current  offerings  represent  a  huge 
asset  that  we  can  migrate  to  our  advantage 
into  this  new  services  world.” 

Although  Ozzie  is  just  the  sort  of  forward- 
looking  technologist  to  lead  Microsoft’s 
charge,  he  will  have  to  change  a  corporate 
culture  that  historically  divided  up  internal 
product  development,  experts  say 

“He  has  a  lot  of  cleaning  up  before  school 
starts,”  Nucleus  Research’s  Wetteman  says. 
“He  has  got  some  different  product  teams 
and  different  product  strategies  that  he 
needs  to  refocus.” 

The  first  example  of  that  is  Dynamics 
CRM  Live,  which  is  Microsoft’s  answer  to 
Salesforce.com  and  other  providers  of  line- 
of-business  applications  in  the  software-as- 
a-service  model.  The  company  plans  to 
ship  its  CRM  software,  code-named  Titan, 
next  year.Titan  will  be  available  in  three  ver¬ 
sions  based  on  the  same  code,  which  will 
be  tuned  to  run  on-premises  within  a  cus¬ 
tomer’s  network,  to  be  hosted  by  a  third 
party  or  to  be  obtained  as  a  Live  service 
from  the  Internet.  The  code  also  has  been 
updated  to  add  multitenant  capabilities,  let¬ 
ting  multiple  users  reside  on  a  single  server. 

This  delivery  model  maps  to  the  future 
laid  out  by  Ozzie  where  services  are 
additive  —  not  necessarily  replacing 
corporate  software  but  offering  alterna¬ 


tives  or  complements. 

For  example,  the  on-premise  version  of 
Titan  will  integrate  with  features  of  Vista 
and  Office  2007,  but  users  also  will  be  able 
to  integrate  with  Windows  Live  services. 
Developers  will  be  able  to  overlay  Live 
Local  maps  with  customer  data  within  Out¬ 
look,  a  mashup  integrating  Internet-based 
services,  corporate  applications  and  rich- 
client  software  on  the  desktop. 

“It  is  not  an  either-or  world,  it  is  an  and 
world,”  says  Tim  O’Brien,  director  of  plat¬ 
form  strategy  for  Microsoft.  Even  Microsoft 
is  figuring  out  what  “and”  means,  however: 
O’Brien  acknowledges  the  services  model 
for  other  Dynamics  software,  such  as  ERR  is 
not  baked  sufficiently  to  talk  about  publicly 

Microsoft  concedes  this  kind  of  services 
model  will  require  corporate  users  to 
weigh  the  trade-offs  —  cost  vs.  control,  for 
example  —  but  says  the  shift  toward  tap¬ 
ping  into  a  services  infrastructure  main¬ 
tained  by  some  third  party  could  offer  cost 
advantages  that  can’t  be  ignored. 

Will  it  fly? 

Whether  large  organizations  will  shift 
resources  to  the  services  model  is  still  a 
wide-open  question,  but  the  scales  seem  to 
be  tipping  in  favor  of  it.  A  recent  IDC  survey 
of  512  North  America-based  IT  pros  shows 
that  nearly  79%  have  purchased  or  are 
reviewing  software-as-a-service  offerings. 
And  Microsoft  is  proving  there  is  some 
interest  among  smaller  companies. 

Microsoft’s  Office  Live  service,  which 


launched  Feb.  15  with  free  beta  trials,  al¬ 
ready  has  110,000  users,  according  to 
Ipwalk,  which  provides  domain-  and  name- 
server  data  and  statistics. 

The  basic  Office  Live  service  provides  a 
domain  name,  hosting,  a  home  page  and 
five  e-mail  accounts,  and  will  be  offered 
free.  But  the  cost  question  won’t  be 
answered  until  later  this  year  when  Live 
Collaboration  and  Live  Essentials  are 
released.These  add-ons  provide  collabora¬ 
tion  and  project  management  tools, 
among  other  services  —  which  will  cost 
about  $30  per  month. 

“1  don’t  think  Microsoft  is  at  any  consti¬ 
tutional  disadvantage  to  other  competi¬ 
tors,  because  this  is  really  a  young  market,” 
says  Peter  O’Kelly  an  analyst  with  Burton 
Group. “We  are  still  in  the  early  innings  of 
this  game.” 

Whether  Office  Live’s  fee-based  services 
fly  will  help  determine  to  what  extent 
Microsoft  is  a  player,  experts  say. 

But  make  no  mistake,  the  company  is 
attacking  the  problem  from  all  angles 
and  from  the  bottom  of  the  organization 
to  the  top. 

Microsoft’s  stake  in  online  services  may 
have  been  summed  up  best  late  last  month 
by  CEO  Steve  Ballmer  when  he  told  finan¬ 
cial  analysts, “I’m  probably  spending  more 
time  today  with  advertisers  than  1  am  with 
enterprise  customers,  and  I’m  certainly 
spending  more  time  with  telecommunica¬ 
tions  companies,  who  are  critical  to  the 
partnership  in  online  services.”  ■ 
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AT&T  looks  to  extend  SBG’s  hold  on  SMBs 


AT&T’s  SMB  growth 

Company  seeks  growth  with  small  and  midsize  business 
customers  beyond  legacy  SBC's  13-state  region. 


Segment 

Regional  SMB  overall 
Regional  SMB  data 
Regional  SMB  voice 


Revenue  Q2  ’06 

$2  billion 

(number  to  come) 
(number  to  come) 


Growth  compared 
with  Q2  ’05 

4.9% 

14.3% 

1.9% 


BY  DENISE  PAPPALARDO 

AT&T  is  trying  to  find  the  right  mix  of  ser¬ 
vices  to  better  serve  the  small-to-midsize 
business  market  and  leverage  some  of  the 
successes  legacy  SBC  has  seen  in  its  13- 
state  region. 

The  carrier  is  essentially  repackaging 
hosting, security  and  VoIP  offerings  from  the 
legacy  AT&T  side  of  the  house  for  smaller 
businesses  that  have  different  needs  but 
expect  as  much  from  a  vendor  as  a  Fortune 
500  company 

“According  to  our  research,  SMB  cus¬ 
tomers  are  demanding  and  expect  exactly 
the  same  level  of  service  and  attention  as 
customers  spending  $10  million  annually 
with  a  carrier)’  says  David  Willis,  research 
director  at  Gartner. 

Winning  over  SMB  users  hadn’t  been  easy 
for  the  old  AT&T. 

“AT&T  has  always  had  products  for  the 
SMB  market,”  says  Brian  Washburn,  princi¬ 
pal  analyst  at  Current  Analysis.“But  a  lot  of 
folks,  including  AT&T,  just  didn’t  serve  that 
market  very  strong!))’ 


But  SBC  has.  “SBC  has  seen 
tremendous  growth  in  SMB  services 
in  its  13-state  region, ’’Willis  says.  It’s  a 
matter  of  duplicating  that  nationally 
from  a  sales  and  product  perspec¬ 
tive,  he  says. 

“From  the  legacy  SBC  side  we’re 
very  strong  with  roots  in  the  regional 
marketplace  . . .  that  hasn’t  wavered  at 
all, ’’says  John  Regan, vice  president  of 
marketing.“With  the  new  AT&T  we’re 
looking  at  how  we  fill  gaps  in  prod¬ 
ucts  and  solutions.” 

SBC  started  out  with  “a  ton  of  DSL  cus¬ 
tomers,”  and  one  of  the  things  AT&T 
brought  was  a  robust  infrastructure  in 
Internet  Data  Centers  across  the  globe, 
Regan  says.Which  is  why  one  of  the  first  ser¬ 
vices  for  the  SMB  market  from  the  new 
AT&T  is  in  the  Web  hosting  arena. 

Last  month  AT&T  launched  its  Remote 
Vault  Service  for  the  SMB  market 
(www.nwdocfinder, com/4637).  It  is  essen¬ 
tially  a  remote  storage  service  for  server 
and  PC  backup.  AT&T  offers  a  similar  ser¬ 


vice  for  larger  organizations,  but  this  offer¬ 
ing  is  packaged  and  priced  for  smaller 
companies. 

The  offering  costs  about  $5  to  $10  per 
gigabyte  for  server  backup,  and  $6  for  the 
first  gigabyte  and  $2  for  each  gigabyte 
thereafter  for  PC  backup. 

Now  the  company  is  looking  at  enter¬ 
prise  services,  such  as  VPN,  network- 
based  security,  intrusion  detection, 
antidistributed  denial  of  service  (DoS) 
offerings  and  trying  to  build  low-end 


offerings  that  work  for  smaller 
business  customers,  Regan  says. 

Toward  the  end  of  this  year  and 
into  early  2007,  AT&T  expects  to 
have  a  variety  of  security  services 
available  to  SMB  customers,  he 
says. 

AT&T  is  taking  its  Internet  Protect 
real-time  antidistributed  DoS  ser¬ 
vice,  its  intrusion-detection  and  -pre¬ 
vention  offerings,  and  repackaging 
and  pricing  them  for  SMB  cus¬ 
tomers.  It’s  not  clear  who  will  sell 
and  support  the  SMB  market  nationallySBC 
had  a  local  and  state  sales  team  structure, 
Washburn  says. 

Regan  says  the  SBC  structure  will  remain 
in  place  and  that  both  legacy  SBC  and 
AT&T  sales  representatives  will  serve  the 
SMB  market. 

“We  still  have  some  work  to  do  outside 
our  13-state  region,”  Regan  says.“We  want  to 
play  off  our  strengths  and  success  in  the 
SMB  market.The  new  company  clearly  rec¬ 
ognizes  that.”B 


EYE  ON  THE  CARRIER 

Johna  Till  Johnson 


Last  week  I  wrote  about  privacy  chal¬ 
lenges  that  can  affect  companies,  particu¬ 
larly  those  doing  business  globally.  Here 
are  some  best  practices  for  ensuring  that 
your  company  stays  on  the  right  side  of 
those  issues: 

Have  a  privacy  policy  Yes,  it’s  basic.  But 
you’d  be  surprised  how  few  U.S.-based 
companies  have  a  formal  privacy  policy  It 
should  expressly  cover  how  you’re  protect¬ 
ing  employee  as  well  as  customer  and  busi¬ 
ness  partner  data;  under  precisely  which 
circumstances  that  information  is  released 
(and  to  whom);  the  measures  you  take  to 
ensure  confidentiality;  and  any  special 
cases  (for  example,  the  specific  scenarios 
under  which  you  will  and  won’t  reveal  sen¬ 
sitive  information  to  government  agencies 
—  particularly  as  pertains  to  governments 
outside  the  United  States). 

Network  managers  should  pay  special 


Enterprise  privacy  strategies,  tactics 


attention  to  how  the  policy  potentially 
affects  site-to-site  transmission,  as  impacts 
could  be  far-reaching:  Depending  on  your 
policy  you  may  need  to  deploy  site-to-site 
or  end-to-end  encryption,  identity  manage¬ 
ment  or  location-based  restriction  of  ser¬ 
vices.  Finally  keep  in  mind  that  in  addition 
to  national  law, your  organization  is  likely  to 
fall  under  local,  regional  or  vertical-industry 
regulations  (Health  Insurance  Portability 
and  Accountability  Act,  Gramm-Leach-Bli- 
ley  or  the  California  Database  Breach  Noti¬ 
fication  Act  SB  1386). 

Make  sure  the  policy  is  in  line  with  the 
regulatory  environment  in  every  region 
and  country  in  which  you’ll  be  doing  busi- 
ness.This  means  performing  a  gap  analysis 
between  your  policy  and  the  laws  of  indi¬ 
vidual  countries.  Are  your  customer  data- 
protection  measures  in  line  with  what’s 
required  in  the  European  Union,  Canada, 
Japan  and  other  countries  with  stringent 
privacy  requirements?  Does  your  policy  for 
providing  sensitive  information  to  govern¬ 
ments  conform  with  the  local  and  regional 
calls?  If  it  doesn’t,  how  does  the  company 


plan  to  rationalize  the  difference? 

Require  telcos  and  other  global  service 
providers  to  detail  their  policies  for  privacy 
with  respect  to  the  above  issues.  It’s  particu¬ 
larly  important  to  clarify  under  which  cir¬ 
cumstances  carriers  will  release  informa¬ 
tion  to  their  local  governments,  under 
CALEA  or  its  equivalent.  Additionally,  find 
out  the  specifics  about  how  telcos  handle 
traffic  monitoring  and  measurement  —  if  a 
carrier  is  tracking  customer  data  for  the 
purposes  of  traffic  monitoring,  for  example, 
there  may  be  specific  privacy  constraints 
on  how  long  this  information  is  held  and  to 
whom  it’s  exposed. 

Require  telcos  and  providers  to  reveal 
their  privacy  practices  —  how  they  imple¬ 
ment  the  aforementioned  policies.  Piac- 
tices  are  the  “how"  that  corresponds  to 
the  “what”  of  policies  —  for  example,  if  a 
policy  is  to  keep  customer  data  secure, 
how  is  that  data  secured?  What  forms  of 
encryption  are  deployed,  and  where? 
Which  entities  are  serving  as  certificate 
authorities  or  key  issuers?  Keep  in  mind 
that  the  best  time  to  do  this  is  during  con¬ 


tract  negotiations,  when  you  can  request 
such  information  as  part  of  the  Master 
Services  Agreement. 

The  bottom  line?  An  ounce  of  preven¬ 
tion  is  worth  a  pound  of  cure.  Holding 
these  discussions  early  on  can  prevent 
lawsuits  and  leave  all  parties  clear  on  what 
to  expect. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


nww.com 

Security  event 

Attend  The  Security  Standard  executive  summit  and 
find  out  how  to  develop  a  security  plan  that 
enhances  your  market  positioning.  Join  us  on  Sept. 
6  and  7  in  Boston.  Register  now  and  save  $200. 

www.nwdocfinder.com/4625 
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with  ProLiant  Essentials  Management  Software 

•  Up  to  2  Dual-Core  AMD  Opteron™  200  Series  processors 

•  High  density:  Up  to  96  servers  per  rack 

•  Flexible/Open:  Integrates  with  existing  infrastructure 

•  HP  Systems  Insight  Manager™:  Web-based  networked 
management  through  a  single  console 

•  Rapid  Deployment  Pack:  For  ease  of  deployment  and 
ongoing  provisioning  and  reprovisioning 

■  Integrated  Cisco  or  Nortel  switch  options 


HP  StorageWorks  MSA1500cs 


HP  ProLiant  BL35p  BLADE  SERVER 


Chaos,  now  under 
your  control. 

HP  BludeSystem  servers  offer  tools  to  help  you  keep  pace  with  fluctuating  demands. 

The  HP  ProLiant  BL35p  Blade  Server  is  designed  to  relieve  some  of  the  stress.  Its 
AMD  Opteron™  processors  offer  dual-processor  power  with  breakthrough  efficiency. 
With  management  features  like  the  Rapid  Deployment  Pack  that  lets  you  deploy 
and  redeploy  blades  without  missing  a  beat,  and  a  single-view,  graphical  user 
interface  that  streamlines  monitoring  and  configuration,  HP  BladeSystem  servers  work 
with  you  so  you  don't  have  to  work  so  hard.  And,  bundled  with  the  StorageWorks 
MSA1500cs,  you  can  reduce  the  cost  and  complexity  of  deploying  a  storage  area 
network,  giving  you  a  better  return  on  investment. 


with  StorageWorks  Essentials  Management  Software 


■  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

•  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

•  Ability  to  mix  SCSI  and  Serial  ATA  enclosures  for 
greater  flexibility 

•  2GB/1GB  Fibre  connections  to  host 


SMART  ADVICE  >  SMART  TECHNOLOGY  >  SMART  SERVICES 


Call  1-888-223-5441 
Click  Hp.com/go/bladesmag49 
Visit  your  local  reseller 


invent 


Reseller  prices  may  vary.  See  Web  site  for  full  details.  For  hard  drives.  1GB  =  1  billion  bytes.  Actual  formatted  capacity  is  less.  Photography  may  not  accurately  represent  exact  configurations  priced.  Associated  values 
tepresent  HP  publisned  list  price.  AMD,  the  AMD  Arrow  Logo,  AMD  Opteron  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc.  ©2006  Hewlett-Packard  Development  Company,  L.P. 
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TECHNOUMiY  UPDATE 

■  AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 

Data  reduction  speeds  WANs 


HOW  IT  WORKS:  DISK-BASED  DATA  REDUCTION 

A  WAN  acceleration  appliance  uses  data  reduction  to  deliver  information  from 
local  data  stores,  thus  improving  application  performance. 


Application 

server 


appliance 


Remote 

reduction 

appliance 


Client 


□  Local  data  reduction  appliance  intercepts  data  sent  from  server. 

B  Local  appliance  instructs  remote  appliance  to  deliver  information  to  the  client. 
B  The  remote  appliance  delivers  the  information  locally. 


BY  JEFF  AARON  AND  DAVID  HUGHES 

Various  technologies  have  emerged 
aimed  at  improving  application  perform¬ 
ance  over  enterprise  WANs.Though  helpful, 
solutions  such  as  compression,  QoS  and 
wide-area  file  services  don’t  offer  large 
enough  performance  gains  across  a  wide 
spectrum  of  applications,  making  their  costs 
difficult  to  justify  for  larger  deployments. 

Disk-based  data  reduction  is  the  newest 
WAN-acceleration  technology  that  has 
emerged  to  help  solve  the  performance, 
breadth  and  scale  limitations  that  have 
plagued  earlier  technologies.  It  works  on  a 
simple  premise  —  the  most  efficient  way  to 
accelerate  the  transfer  of  information  across 
the  WAN  is  to  not  send  it  in  the  first  place. 
This  provides  significant  benefits  in  the  form 
of  increased  WAN  bandwidth  efficiency  and 
reduces  application  response  time. 

To  employ  disk-based  data  reduction,  a 
WAN-acceleration  appliance  is  deployed 
in  each  location,  such  as  a  branch  office 
or  data  center. The  appliances  examine  all 
information  traveling  in  and  out  of  a  WAN, 
“fingerprinting”  the  information  and  stor¬ 
ing  a  copy,  or  instance,  of  the  data  on  local 
hard  drives. 


During  the  fingerprinting  process,  pattern¬ 
matching  technology  is  used  to  see 
whether  the  data  being  transferred  matches 
data  stored  on  a  local  drive  at  the  destina¬ 
tion.  If  the  remote  appliance  has  already 
stored  the  information,  there  is  no  need  to 
resend  it  over  the  WAN.  Instead,  instructions 
are  sent  to  deliver  the  data  locally  This  en¬ 
tire  process  takes  place  independent  of 
normal  client/server  communications,  en¬ 
suring  that  the  most  up-to-date  data  is 
always  delivered  in  real  time. 

On  the  surface,  disk-based  data  reduction 
resembles  traditional  caching,  but  there  are 
several  major  differences,  which  include: 

•  Application  breadth:  Data  reduction 
detects  patterns  across  many  types  of  traf¬ 
fic.  Caches,  on  the  other  hand,  work  at  the 
object  level,  and  are  therefore  applicable 
only  to  a  specific  application. 

•  Application  transparency:  There  are  no 
client/server  modifications  when  deploy¬ 
ing  data  reduction.  In  some  caching  envi¬ 
ronments,  clients  need  to  be  reconfigured 
to  point  to  proxy  devices. 

•  Coherence:  By  preserving  all  client/ 
server  communications,  there  is  no  chance 
to  deliver  stale  or  inconsistent  information 
in  a  data-reduction  environment. 

•  Effectiveness:  Data-reduction  finger¬ 
prints  at  the  byte  level, not  the  object  level. 
This  provides  a  higher  hit  rate  when  look¬ 
ing  for  duplicate  data,  including  the  detec¬ 
tion  of  similar  information,  such  as  files 
that  have  been  renamed  or  data  that  has 
changed  slightly. 

While  results  may  vary,  disk-based  data 
reduction  can  eliminate  more  than  99%  of 


WAN  traffic  under  the  right  circumstances. 
For  example,  in  a  typical  office  environ¬ 
ment,  file  transfers  and  e-mail  traffic  can 
be  reduced  five  to  20  times  on  average, 
with  peak  reductions  exceeding  100 
times.  In  addition,  backup  and  replication 
data  volumes  will  be  routinely  reduced  by 
10  to  20  times,  with  peaks  of  50  to  100 
times.  Many  variables  affect  how  well  data 
reduction  will  improve  application  per¬ 
formance,  including  the  amount  of  redun¬ 
dancy  within  WAN  traffic.  Often  the  best 
(and  only)  way  to  determine  gains  is  to 
evaluate  the  technology  in  a  live  network. 

Disk-based  data  reduction  is  the  first 
WAN-acceleration  technology  to  provide 
order-of-magnitude  performance  benefits 
across  a  broad  set  of  enterprise  applica¬ 
tions.  Because  it  relies  on  the  fact  that  a 


large  percentage  of  WAN  traffic  is  repeti¬ 
tive,  it  often  is  implemented  in  conjunc¬ 
tion  with  other  techniques  to  provide 
performance  improvements  across  a 
wide  variety  of  WAN  conditions  and  traf¬ 
fic  patterns. 

With  data  reduction  as  a  core  technol¬ 
ogy,  enterprises  have  a  full  arsenal  of 
tools  to  overcome  WAN  limitations.  This 
paves  the  way  for  strategic  server- 
centralization  projects  and  improves 
business  continuity  by  ensuring  success¬ 
ful  data  backup  and  recovery 

Aaron  is  director  of  product  marketing, 
and  Hughes  is  CTO  and  founder  of  Silver 
Peak  Systems.  They  can  be  reached  at 
jaaron@silver-peak.com  and  dhughes@ 
silver-peak.com,  respectively. 


Ask  Dn  Internet  By  Steve  Blass 

is  >  \  ^Safwal  A; r  8Bs»§iS I 


In  our  Active  Dii  ectory  domain,  we’d  like  to 
manage  users  and  groups  from  a  workstation 
rather  than  from  the  server.  How  can  I  get  the 
Active  Directory  Users  and  Computers  applica¬ 
tion  into  my  XP  workstation  Administrative 
Tools  menu? 

The  Active  Directory  management  tools  for  Windows 
2000  or  2003  can  be  installed  on  your  XP  workstation 
from  the  AdminPak.MSI  installer  package  on  your 
server  operating  system  installation  disk,  or  you  can 
download  the  Windows  2003  Service  Pack  1  version 


called  WindowsServer2003-KB304718-Administration- 
ToolsPack.exe  from  Microsoft  (www.nwdocfinder. 
com/4636).  The  original  release  version  ofAdminPak.exe 
is  also  available  from  Microsoft. 

Make  sure  you  use  the  version  that  matches  your 
server  operating  system  level,  as  mixing  the  original  and 
Service  Pack  1  versions  can  cause  problems.  Once  you 
install  the  administration  tools  package,  you  will  see 
several  new  Active  Directory  entries  in  your  Admin¬ 
istrative  Tools  menu  under  Control  Panel  on  the  XP 
workstation.  The  Active  Directory  Users  and 
Computers  applications  provide  a  tree  view  of  the 


domain  organizational  units,  and  provide  commands  for 
managing  users,  computers  and  groups.  If  you  are 
logged  on  to  the  domain  with  sufficient  privileges,  you 
can  add,  modify  or  delete  resources  without  being 
prompted  for  credentials  on  every  command.  If  you  are 
logged  on  to  the  local  machine,  you  will  be  asked  for 
your  domain  username  and  password  before  being 
allowed  to  make  resource  changes. 

Blass,  a  network  architect  at  Change@Work  in 
Houston,  can  be  reached  at  dr.internet@changeat 
work.com. 
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More  GPS 


GEARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 

Mark  Gibbs 


So  we  were  discussing  our  wob¬ 
bling  office  last  week,  which  we 
discovered  with  the  help  of 
Microsoft  MapPoint  2006  with  GPS 
Locator. This  curious  phenomenon 
was  caused  by  a  continuously 
changing  GPS  positional  error 
rather  than  our  office  really  being 
physically  unstable. 

(Before  we  continue  our  GPS  per¬ 
ambulations,  a  question:  Has  Micro¬ 
soft  Words  spell-checker  ever  just 
stopped  working  for  you?  Ours  has. 
Before  you  ask,  we  did  check  under  Tools  I  Options  1 
Spelling  &  Grammar,  and  every  choice  is  correctly  set  and 
we’ve  rebooted.Twice.Any  ideas?) 

Back  to  MapPoint  2006.  Now  that  we’ve  run  it  for  a  bit 
longer  we’ve  noticed  a  few  more  problems. 

First,  if  GPS  tracking  is  on  and  you  select  an  area  on  the 
map  and  try  to  zoom  in, you  can’t.The  GPS  tracking  defeats 
the  zoom  operation.You  have  to  enlarge  the  map  using  the 
zoom  slider  control. 

Second  (and  more  serious),  after  several  hours  of  GPS 
tracking,  the  map  display  area  wouldn’t  redraw  properly 
and  just  flashed  a  couple  of  times  each  second  until  the 
GPS  was  switched  off.  Another  apparently  related  issue  was 
the  display  not  showing  a  complex  track  that  occurred  in  a 
small  area  (actually  our  GPS  wobble  trail)  when  the  display 
was  at  maximum  zoom. 


These  aren’t  real  showstoppers  but  are  peculiar  bugs  for 
such  an  otherwise  well-polished  product. 

We  also  found  two  things  missing  in  MapPoint  2006.  First, 
when  you  tell  the  GPS  feature  to  generate  a  trail,  it  doesn’t 
record  when  each  point  was  reached  or  how  fast  you  were 
going,  just  the  fact  that  you  passed  through  the  point. 
Second,  when  you’re  wearing  your  propeller  beanie  and 
looking  at  the  MapPoint  GPS  control  panel,  you  start  to 

After  several  hours  of  GPS 
tracking,  the  map  display  area 
wouldn’t  redraw  properly. 

think, “There’s  not  enough  information  here!  1  want  to  know 
more  about  what’s  going  on!”We  suspect  you’ll  crave  know¬ 
ledge,  such  as,  “How  many  satellites  are  we  currently 
using?”  and  “Where  are  they  in  the  great  celestial  vault?” 

We  found  answers  in  a  free  utility  called  GPSManager 
from  American  Outland.We  recommend  this  software  with 
reservations  because  the  company’s  site  says  nothing 
about  it,  other  than  a  page  that  promises  future  on-site  ver¬ 
biage  and  a  link  to  download  it.  Add  to  that  the  lack  of  doc¬ 
umentation  and  the  software’s  unfinished  state.  But  on  the 
other  hand,  it’s  free. 

Configure  GPSManager  for  the  COM  port  of  your  GPS 
device  (usually  COM6  at  4,800bps  for  the  Microsoft  GPS 
device)  and  the  type  of  data  (American  Outland’s  device 
output  formats  or  the  National  Marine  Electronics  Asso¬ 


ciation  [NMEA]  standard  that  the  Microsoft  device  uses). 

After  connecting,  press  the  Navigation  option.  A  screen 
appears  that  offers  two  tabs,  the  first  being  Current  Fix,  a 
text  display  that  includes  your  calculated  location,  number 
of  satellites  in  view,  and  accuracy  of  your  position  (see 
www.nwdocfinder.com/4632).  The  second  tab,  Satellite 
Data,  is  a  diagram  of  where  the  currently  visible  GPS  satel¬ 
lites  are  in  the  sky  along  with  a  table  of  their  azimuths  and 
elevations  and  a  graph  of  their  signal  strengths. Very  cool. 

You  can  also  examine  raw  NMEA  data  in  the  form  of“sen- 
tences,”  basically  blocks  of  data  (see  www.nwdocfinder. 
com/4633  and  /4634;  note  that  most  sentence  types  or 
codes  are  not  used  by  consumer  devices).  Excellent. 

But  you  can’t  use  GPSManager  and  MapPoint  at  the  same 
time  because  they  can’t  share  the  serial  port  the  GPS  is  on 
—  or  can  they?  You  betcha  they  can.The  solution  is  called 
Franson  GpsGate. 

Available  for  a  mere  $30  (Windows  XP2000,  NT,  ME,  98, 
Pocket  PC,  CE  and  .Net),  GpsGate  lets  you  multiplex  data 
from  Garmin  and  NMEA-compliant  GPS  receivers  (or 
translate  Garmin  datastreams  into  NMEA  data  streams)  to 
as  many  as  eight  serial  ports,  as  well  as  output  to 
Bluetooth  and  save  the  GPS  data  in  a  log.  This  software 
has  a  long  list  of  features  for  testing  and  analyzing  GPS 
devices  and  software  that  uses  GPS  data.  Outstanding. 
GpsGate  Express  ($10),  allows  just  two  applications  to 
share  the  GPS  data. 

Where  are  you  heading?  Tell  gearhead@gibbs.com. 


Ultraportable  notebooks  continue  to  impress  me,  making 
4  advancements  in  features  that  make  me  forget  about  their  heavier 
brothers  on  the  “normal”  notebook  front.  Here  are  two  of  the  latest 
I’ve  had  the  joy  of  testing  recently: 

The  scoop:  Gateway  E-100M,  starts  at  $1,400,  from  Gateway 
What  it  is:  Gateway’s  return  to  the  ultraportable  space  is  the  impressive  E-100M 
series,  designed  with  enough  features  to  make  any  techie  happy  but  thin  and  light 
enough  to  ease  the  load  on  your  mobile  workers.  Features  include  an  Intel  Core  Solo 
processor  (1.2GHz),  512MB  of  system  memory  a  40GB  hard  drive,  six-in-one  media 
card  reader,  one  Type  II  PC  card  slot,  two  USB  2.0  ports, VGA  out  port,  IEEE  1394  and 
Intel  Graphics  Media  Accelerator  950  card.The  notebook  features  a  12.1-inch  wide¬ 
screen  display  (l,280-by-800-pixel  maximum  resolu¬ 
tion),  integrated  stereo  speakers  and  integrated  Gigabit 
Ethernet  port.  Bluetooth  wireless  and  802. 1  la/b/g 
wireless  LAN  support  add  connection  options. 

Why  it’s  cool:  The  sleek  black  design  (with  really 
cool  blue  backlights)  appeals  to  the  visual  senses, 
but  the  real  strength  is  the  E-lOOM’s  lightness  (3.15 
pounds  with  the  threecell  battery). The 
full-sized  keyboard  was  easier  to 
type  on  than  the  Fujitsu  note¬ 
book,  and  the  price  was  impres¬ 
sive  for  an  ultraportable. 

The  Gateway  E-10QM  has  501116  caveatS:  There’s  no  integrated  optical  drive’ 

e  i*!i  fsatiires  to  make  so  to  'nstaM  programs  from  a  CD-ROM  or  to  watch  a 

teaiues  happy.  DVD,  an  optional  USB  drive  is  required  ($200), 


which  also  takes  away  one  of  the  two  USB  ports.  The  thin  notebook  also  gets  very 
hot,  making  some  sort  of  notebook  cooling  system  required. 

Grade:  ★★★★-/  (out  of  five) 

The  scoop:  Fujitsu  LifeBook  Q2010, starts  at  $2,000. 

What  it  is:  The  latest  ultraportable  from  Fujitsu  PC  rede¬ 
fines  cool  and  sleek.  The  2.2-pound  notebook  offers  a 
12.1-inch  widescreen  display  Intel  Core  Solo  Processor 
(1.2GHz),  512MB  of  system  memory  30GB  hard  drive, 
integrated  802.1  la/b/g  wireless,  embedded 
fingerprint  sensor  and  dual  digital 
microphone  with  noise  cancella¬ 
tion.  The  system  includes  a  Type  II 
PC  Card  slot,  two  USB  2.0  ports  and  an  IEEE 
1394  port.  Additional  ports  and  the  optical  drive  are 
available  via  a  docking  station,  which  adds  to  the 
weight  of  the  unit  but  still  keeps  it  portable. 

Why  it’s  cool:  It  oozes  sleek,  style  and  what 
Fujitsu  calls  “executive  jewelry”  Despite  its  weight,  the  Q2010  has  durable  con¬ 
struction  features,  such  as  a  magnesium  alloy  casing  and  titanium  hinges  (not 
rugged,  but  they  should  offer  some  protection  when  you’re  stowing  it  away  in 
the  carry-on  space). 

Some  caveats:  I  get  frustrated  by  the  half-sized  button  on  the  keyboard  for  the  pe¬ 
riod  key  Even  though  most  of  the  world  needs  the  period  for  word  processing  or  for 
typing  in  Web  addresses,  the  period  key  remains  smaller  than  all  other  keys, causing 
more  typos  for  even  the  most  veteran  touch-typist. 

Grade: 

Shaw  can  be  reached  at  kshaw@nww.com.  There's  a  new  video  show  every 
Thursday1,  and  a  Twisted  Pair  podcast  ( with  Jason  Meserve)  every  Friday  at  www.net 
workworld.com. 


Fujitsu’s  LifeBook  Q2010 
oozes  style. 
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high  Availability 

RELIABILITY 
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superior  performance 

■  Up  to  1 40,000  L4  connections/sec 

•  Application  throughput  from  2  to  1 2  Gbps 

•  Wire-speed  Layer  273  forwarding 

•  Scalable  processor  performance 


Resilient  switching  and  routing  foundation 
Global  load  balancing  for  multi-site 
scalability  and  survivability 
Link  aggregation 

Rapid  and  stateful  session  failover 
RSTP,  VRRP  for  switch  and  router 
redundancy 

Redundant  power  supplies 


j 


SCALABILITY  & 
EXPANDABILITY 

•  Port  expansion  to: 

•  48  Gigabit  Ethernet 

•  48  10/100  Mbps  Ethernet 

•  4  1 0-Gigabit  Ethernet 


/■ 


SERVERlRONGT 


SERIES 


SECURITY 

•  DoS  protection  up  to  4  million  SYN/sec 

•  Wire-speed  ACLs 

•  Application  rate  limiting 

•  Secure  device  management 

•  sFlow  traffic  monitoring 


RICH  FEATURES 

*  Intelligent  content  switching  using 
URL  HTTP,  XML  cookies,  SSL 
ID  and  others 

■  IP  NAT 

■  RIPv2,  OSPF  routing 


FLEXIBILITY  & 

Manageability 


In-line,  one-ARM  and  Direct  Server 
Return  modes 

Web,  SNMP.  INM  and  Cisco-like  CLI 


r 


Uptime,  scalability,  performance 
and  security  are  the  watchwords 
for  your  network.The  Serverlron® 
application  switch  is  designed  for 
this  environment.  Its  advanced 
switch-based  architecture 
features  a  scalable  content 
switching  engine  with  hardware- 
based  DoS  protection  delivering 
the  industry’s  most  powerful 
and  secure  application 
switching  solution. 


P0  Appliances  Cannot  Match  the 
Pinner  and  Flexibility  of  the  Ss/i/S/J/DU 

ServerIrqn  PC  appliances  | 

PERFORMANCE  UPGRADEAB  ILITY 

s/ 

X 

IN-SERVICE  PORT  EXPANDABILITY 

v' 

X 

lO-GE  SUPPORT,  >1D  GPBS  THROUGHPUT 

X 

HIGH-DENSITY  DIRECT  SERVER  FAN-OUT 

s/' 

X 

HARDWARE-BASED  CONNECTION 

MANAGEMENT  AND  DOS  PROTECTION 

s/ 

X 

WIRE-SPEED  L2/L3  FORWARDING  AND  ACLS 

s/ 

X 

FOUNDRY 

NETWORKS 

The  Power  oj  Performance™ 


The  ServerIrqn 
Family  of  Products 
Also  Includes: 


ServerIrqn  4-50  and  850 


S  ERVER I RONXL 


serverIrqnSA  Accelerators 


Foundry  Networks,  Inc.  is  a  leading  provider  of  high-performance  Enterprise  and  Service  Provider  switching,  routing  and  Web  traffic  management  solutions 
including  Layer  2/3  LAN  switches.  Layer  3  Backbone  switches.  Layer  4-7  Web  switches,  wireless  LAN  and  access  points,  access  routers  and  Metro  routers. 

v  _ _ y 


For  more  information  please  call:  us/canada  1  SSS  TURBOLAN, 
INTERNATIONAL  +1  408.586.1700  OR  VISIT  OUR  WEBSITE  AT  WWW.FOUNDRYNET.COM/SIE 
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OnTechn 

Christine  Burns 

It’s  better  than  the 
Energizer  bunny 

As  we  find  ourselves  at  about  the  halfway  mark  in  a  sum- 
merlong  process  of  pounding  on  vendors  to  fill  out  our 
technically  meticulous  product  surveys  that  drive  the 
Network  World  Buyer’s  Guides,  1  can’t  help  but  conjure  up  the 
image  of  that  pink  Eveready  Energizer  bunny  with  the  beat¬ 
ing  drum. 

It  just  keeps  going  and  going  and  going  .... 

But, you  see,  that  is  the  simple  point  here.These  Buyer’s 
Guides  (www.nwdocfinder.com/4629),  were  not  built  to  rep¬ 
resent  a  single  snapshot  in  time  for  a  particular  market  seg¬ 
ment.  Rather,  we’ve  constructed  them  —  with  the  help  of  the 
underlying  collection  engine  provided  by  our  partner,  mBlast 
(www.mblast.com)  —  to  last  as  an  adaptable  tool  for  pin¬ 
pointing  products  that  our  readers  need  to  know  about, 
when  they  need  to  know  about  them. 

Yes,  we  have  to  push  vendors  hard  to  supply  us  with  an  ini¬ 
tial  set  of  completed  product  surveys,  so  that  we  have  the 
detailed  information  in  hand  for  the  actual  launch  of  any 
guide  we  publish.  In  June,  we  collected  more  than  500  prod¬ 
uct  listings  from  300  vendors  for  the  Security  Buyer’s  Guide. 
Last  week  we  published  the  Wireless  Security  Guide  with 
more  than  150  listings  from  70  players.And  today  we 
launched  the  Storage  Buyer’s  Guide  with  close  to  200  prod¬ 
ucts  listed  from  half  as  many  vendors. 

The  WAN/LAN  Management  Buyer’s  Guide  hits  on  Aug.  31, 
followed  by  the  Convergence  Buyer’s  Guide  on  Sept.  16,  the 
Network  Infrastructure  Buyer’s  Guide  on  Oct.  6  and  the 
Network  Applications  Guide  on  Oct.  31. 

But  these  launch  dates  are  just  that,  arbitrary  starting 
points.  Once  any  Network  World  Buyer’s  Guide  goes  live  on 
www.nww.com,  the  process  is  far  from  complete. Vendors 
already  involved  with  the  process  are  permitted  at  any  time 
after  the  launch  to  go  into  the  system  and  modify  their  exist¬ 
ing  entries  to  reflect  upgrades,  revise  feature  implementa¬ 
tions  and  list  new  additions  to  their  product  lines.  Likewise, 
vendors  who’ve  not  yet  answered  our  call  for  products 
can  register  w'ith  the  mBlast  system  and  add  information 
about  their  wares  to  any  appropriate  Buyer’s  Guides  at  any 
time.  (Vendors,  the  gateway  to  this  process  is 
www.nwdocfinder.com/4630.) 

In  addition  to  helping  the  guides  to  grow  vertically  by 
adding  more  products  in  existing  categories,  we  plan  to 
expand  this  project  horizontally,  adding  new  categories  as 
future  product  niches  avail  themselves  and  vendors  produce 
wares  to  fill  them.  If  you’ve  got  a  product  category  that 
deserves  a  Buyer’s  Guide,  contact  me  at  cburns@nww.com. 

We  plan  to  outlast  the  bunny  in  an  effort  to  make  these 
Buyer's  Guides  the  most  convenient,  one-stop  shop  for  net¬ 
work  product  research. 


—  Christine  Burns 
Executive  Editor, Testing 
cburns@nww.  com 


Not  going  to  Dell 

Regarding  Kevin  Tolly’s  column  “LAN  switches:  What 
Dell  did  right”  (www.nwdocfinder.com/4452): 
Consultants,  computer  stores  or  what  is  usually 
called  the  channel  avoided  Dell.  Why?  Customer  ser¬ 
vice.  Tech  support  was  geared  for  home  users  and 
didn’t  adjust  for  technicians.  Resellers  were  not 
treated  well  overall  —  warranty  turnaround  could 
take  days  to  weeks.  How  could  a  business  work  with¬ 
out  a  file  server  for  days  or  weeks?  Small  businesses 
would  buy  home  products,  then  channel  people 
would  have  to  provide  cleanup,  such  as  upgrade 
Windows  Home  edition  to  Windows  Professional 
edition.  Equipment  was  even  more  difficult  to 
upgrade.  Larger  businesses  had  people  to  figure  out 
what  to  buy  and  got  around  the  warranty  problems 
by  stocking  their  own  replacement  parts. 

Compaq,  HP  and  IBM  always  did  much  better. 
Compaq/HP  often  got  me  parts  by  10  a.m.  the  next 
day  even  though  it  was  after  5  p.m.  when  I  called. 
That  is  real  service  that  small  businesses  really  need. 

Brandon  Fouts 
Senior  systems  engineer 
Puget  Sound  Regional  Council 
Seattle 

Compromising  situations 

Regarding  Kevin  Tolly’s  column  “Compromising 
VoIP”  (www.nwdocfinder.com/4453):  I  found  Tolly’s 
assessment  of  the  security  risk  of  VoIP  on  an  internal 
network  overstated.  He  contends  “on-campus  voice 
isn’t  secure  and  can  be  compromised  relatively  eas¬ 
ily  by  anyone  with  access  to  your  switching  infra- 
structure.”VoIP  is  as  secure  as  data  over  the  network. 
It  is  true  that  someone  could  insert  a  hub  between 
your  VoIP  phone  and  the  switch,  and  spoof  your 
media  access  control  (MAC)  address  and  the  MAC 


of  the  computer  at  the  other  end  of  the  call  and  lis¬ 
ten  in.  But  someone  with  access  to  a  traditional 
voice  infrastructure  needs  only  a  $1.49  splitter  and  a 
phone  to  listen  in. 

If  your  network  is  so  insecure  that  VoIP  can  be  eas¬ 
ily  compromised,  then  the  same  people  can  easily 
read  all  your  e-mail  and  save  copies  of  any  files 
saved  on  the  server.  Those  emails  and  files  can  be 
quickly  searched  for  information;  voice  calls  have  to 
be  listened  to.  VoIP  is  the  least  of  your  worries  in 
such  a  network. 

Dan  Riordan 
Red  Bank,  N.J. 

Out  of  tune 

Regarding  your  editorial  “Internet  access  via  fiber  at 
15Mbps”  (www.nwdocfinder.com/4454),  in  which 
you  recounted  poor  throughput  to  remote  destina¬ 
tions  over  a  newly  upgraded  link,  1  believe  you  may 
be  running  into  bandwidth/delay  problems  associ¬ 
ated  with  an  untuned  TCP/IP  stack  optimized  for 
lower-bandwidth,  lower-latency  connections. This  is 
enough  of  a  general  problem  that  Internet2  (the 
higher-education  research  and  education  network) 
has  a  special  End-to-End  Performance  Initiative 
designed  to  help  users  cope  with  this  issue. As  a  test, 
you  may  want  to  try  visiting  the  Argonne  National 
Laboratory  Network  Diagnostic  Tool  site  (see 
www.nwdocfinder.com/4455).  I  suspect  you’ll  need 
to  expand  your  buffers  and  possibly  make  some 
other  adjustments  along  the  lines  of  the  Pittsburgh 
Supercomputing  Center  tuning  guide  (see  www. 
nwdocfinder.com/4456). 

Joe  St.  Sauver 
Eugene,  Ore. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Readers  respond  Find  out  what  readers  are  saying  about  these  and  other  topics. 
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USER  VIEW 
Chuck  Yoke 


The  ‘me’  in  team,  and  what  it  means 


Motivation  is  a  primary  factor  in  whether 
goals  are  missed,  met  or  exceeded. 
Motivation  determines  whether  people 
can’t  wait  for  their  feet  to  hit  the  floor  in  the 
morning  to  get  to  work  —  or  hit  the  snooze 
button  and  spend  another  five  minutes  dream¬ 
ing  of  a  better  life. 

And  it  is  motivation  that  decides  whether  a 
team  is  high-performing  or  barely  meeting 
goals. 

“There  is  no  T  in  team”  is  one  of  the  common 
phrases  in  team-building  seminars.  There  is  a 
“me”  in  team,  however,  and  if  you’re  going  to 
build  a  motivated  team  that  delivers  results,  you 
need  to  focus  on  the  “me.” 

Anyone  who  has  taken  a  basic  management 
course  has  heard  of  Abraham  Maslow’s  hier¬ 
archy  of  needs. 

According  to  Maslow,  people  are  motivated 
by  five  needs,  which  range  from  biological, 
such  as  eating,  to  higher,  self-actualization 
needs,  such  as  being  creative.  Each  of  these 
needs  is  focused  on  the  self. 

People  are  not  motivated  by  esoteric  ideas, 
such  as  increasing  shareholder  value  or  building 
a  world-class  organization.They  are  motivated  to 


meet  their  basic  needs  —  to  pay  the  bills,  be 
happy,  be  valued. 

The  key  to  motivating  a  team  is  to  translate 
business  goals  into  personal  value.  A  motivating 
leader  understands  this  and  makes  sure  the 
team  knows  what’s  in  it  for  them  if  they  meet  the 
goals. 

A  motivated  and 
successful  team  is  made 
up  of  individuals  who 
understand  what’s  in  it 
for  them. 

You  may  find  “it’s  about  me”  to  be  a  very  selfish 
view.  But  in  reality  nothing  could  be  further  from 
the  truth.  Here’s  an  example  of  how  it  can  be 
about  me  and  remain  unselfish: 

Let’s  say  I  have  been  assigned  a  project  to 
implement  a  new  system  that  will  increase  pro¬ 
ductivity  and  save  the  company  $2.5  million. 
That’s  a  good  corporate  goal,  but  it  means 
increased  workload  and  extended  leaves  from 
my  family  So  what’s  in  it  for  me? 


If  the  project  is  successful,  I  will  get  a  bonus, 
my  merit  raise  will  increase,  my  career  path  and 
job  security  will  be  enhanced,  and  1  could  get  a 
promotion.  Now  I’m  getting  motivated. 

To  motivate  my  team,  1  need  to  apply  the 
same  strategy  and  tell  them  what’s  in  it  for 
them. They  will  be  exposed  to  new  technology, 
a  new  network  with  new  equipment  will  be 
needed,  there  will  be  opportunities  for  train¬ 
ing,  they  will  get  a  bonus  and  potential  salary 
increase  if  the  project  is  successful,  and  they 
will  be  able  to  move  into  more  senior  posi¬ 
tions.  Now  they  are  motivated. 

My  “me”  is  motivated,  their  “me”  is  motivated 
and  we  are  a  motivated  team  ready  to  do  what¬ 
ever  is  needed  to  make  the  project  successful  — 
which  will  ultimately  satisfy  senior  manage¬ 
ment’s  “me,”  as  it  will  be  able  to  meet  its  goals. 

There  is  no  “I"  in  team,  but  there  is  a  “me” —  a 
bunch  of  them,  to  be  precise.  A  motivated  and 
successful  team  is  made  up  of  individuals  who 
understand  what’s  in  it  for  them. 

Yoke  is  director  of  strategy  and  architecture  for  a 
global  travel  and  real  estate  corporation.  He  can 
be  reached  at  ckyoke@yahoo.com. 


REAUTY  CHECK 
Thomas  Nolle 


What’s  behind  the  slowing  of  IT  job  losses? 


Remember  the  glory  days  of  IT  spending,  the 
late  1990s?  Obviously,  they’re  gone,  killed 
off  by  a  combination  of  a  post-Year  2000 
slump,  the  bursting  of  the  Nasdaq  bubble  and 
Sept.  1 1 .  Recently,  there’s  been  some  good  news 
—  sort  of.  According  to  the  latest  data,  the  loss  of 
IT  jobs  has  slowed  to  the  lowest  level  since  2000. 
Losing  less  isn’t  the  same  as  gaining  more,  but  it’s 
at  least  movement  in  the  right  direction,  and  it 
makes  one  wonder  what’s  behind  it. 

It’s  likely  that  a  part  of  the  story  is  orderly  eco¬ 
nomic  growth.  If  IT  was  overstaffed  in  the  past 
and  the  market  then  corrected,  it’s  logical  that  as 
the  economy  grows,  IT  needs  will  grow  with  it, 
and  a  correction  won’t  be  needed.  Business 
transactions  tend  to  grow  at  about  the  level  of 
the  gross  domestic  product  (GDP),  which  has 
increased  more  than  a  third  since  2000,  and  IT 
spending  tends  to  roughly  follow  GDP 
Roughly  but  not  exactly.  In  the  postbubble  col¬ 
lapse,  the  ratio  between  GDP  and  IT  spending  hit 
a  post-World  War  II  low.  This  ratio  shows  clear 
cyclical  behavior,  and  previous  lows  like  the  one 
we  saw  in  2002  were  followed  by  a  period  of  sig¬ 
nificant  growth,  lasting  as  long  as  six  or  seven 
years.  Our  2002  low  came  just  a  few  years  after  a 
peak  in  strategic  IT  spending  that  nearly 
matched  the  post-WWII  high  reached  in  the  late 
1960s  with  the  introduction  of  IBM’s  mainframe 
System/360. 

Suppose  we  really  do  have  cycles  in  IT  spend¬ 
ing.  What  does  the  current  job  situation  tell  us?  In 
past  upward  cycles  there  was  a  distinct,  three- 


stage  growth  process.  First,  the  improvement  in 
conditions  from  the  bottom  point  caused  com¬ 
panies  to  pick  up  spending  plans  they  had 
deferred. This  created  a  small  bubble  of  tactical 
reinvestment  in  past  IT  paradigms  that  lasted  two 
to  four  years,  followed  by  an  improvement  in  the 
job  market.  Why?  Because  the  next  stage  in  the 
cycle  is  a  more  strategic  investment  in  some  new 
IT  paradigm,  and  that  leads  to  the  third  stage, 
companies’  ramping  up  workforces  to  make  the 
IT  changes  this  stage  demands. 

New  IT  paradigms  deal 
with  a  new  way  of  relating 
computing  to  workers,  and 
what  fits  the  bill  in  today’s 
market  is  [SOA]. 

From  the  evidence  of  the  previous  stages  of 
strategic-spending,  it  seems  likely  that  new  IT  par¬ 
adigms  deal  with  a  new  way  of  relating  comput¬ 
ing  to  workers, and  what  fits  the  bill  in  today’s  mar¬ 
ket  is  service-oriented  architecture  (SOA).  By  ere 
ating  more  flexible  ways  of  building  applications, 
SOA  lets  users  tune  applications  to  workers 
almost  individually,  optimizing  productivity. That’s 
important  because  productivity  enhancement  is 
the  main  reason  to  spend  on  IT  in  the  first  place. 

If  all  this  is  correct,  we  should  see  signs  of  the 
oncoming  strategic  stage  in  other  areas, and  ven¬ 
ture  capital  research  shows  that  network  and 


software  investments  are  coming  back  into 
vogue.  We  should  also  see  leading-edge  success¬ 
es  in  SOA,  which  clearly  has  been  happening. 
What’s  next,  then? 

First,  timing.  At  about  this  point  in  the  most 
recent  cycles,  there  has  been  a  spending  down¬ 
turn  for  one  to  three  quarters  that  seems  to  be 
linked  to  the  transition  between  the  already 
mentioned  tactical  spending  on  the  previous  IT 
paradigm  and  new,  strategic  spending.  The  cur¬ 
rent  IT  indicators  seem  to  point  to  the  notion 
that  we’ll  have  this  hiccup  for  the  remainder  of 
2006,  at  which  time  we  would  expect  to  see 
orderly  growth  to  the  peak  of  the  cycle,  around 
the  end  of  the  decade. 

Second,  impact.  Job  loss  will  continue  to  slow, 
and  job  growth  probably  will  resume  late  in  the 
summer  of  next  year. Capital  spending  on  IT  equip¬ 
ment  aimed  at  SOA  will  expand  through  2007,  with 
software,  servers  and  then  networks  benefiting.  It’s 
likely  that  2007  still  will  be  a  tad  soft  for  networks, 
because  CIOs  will  be  focused  on  the  IT  side. 
Incumbent  vendors  will  benefit  most  in  the  early 
part  of  the  cycle  (to  about  2008), and  start-ups  will 
come  into  their  own  later  on.  All  this  is  consistent 
with  what’s  happened  in  the  past. 

The  industry’s  long  nuclear  winter  may  be 
finally  coming  to  an  end. 

Nolle  is  president  of  CIMI  Corp.,  a  technology 
assessment  firm  in  Voorhees,  N.J.  He  can  be 
reached  at  (856)  753-0004  or  tnolle@c.imi 
corp.com. 


ADVERTISING  FEATURE 
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In  Their 

WORDS 

Vendor  Solutions  for  Your  IT  Challenges 

COMPANY:  Diskeeper  Corporation 

OVERVIEW:  Diskeeper  Corporation  is  best  known 
for  Diskeeper®, The  Number  One  Automatic  Defrag¬ 
menter™  With  over  20  million  licenses  sold,  corpora¬ 
tions  worldwide  rely  on  Diskeeper  to  provide  unparal¬ 
leled  speed  and  reliability  on  their  workstations  and 
servers. The  company  also  provides  real-time  data 
protection  and  instant  file  recovery  with  Undelete® 
and  automated  patch  and  systems  management  with 
Sitekeeper®. 

CHALLENGE:  Even  with  all  the  new  technolo¬ 
gies  in  data  storage,  the  disk  is  still  the  weakest  link 
in  a  computer.  SATA  is  improving  workstation  per¬ 
formance,  and  RAID  (typically  SCSI)  is  the  norm  on 
production  servers.  Even  storage  virtualization  in  the 
form  of  SANs  is  helping.  However,  other  than  defrag¬ 
mentation  software,  no  solution  —  hardware  or  soft¬ 
ware-based  —  is  able  to  solve  the  age-old  issue  of 
file  fragmentation.  While  specialized  defragmentation 
software  exists  to  solve  it,  it  must  properly  integrate 
with  business  operations  or  else  its  value  is  irrelevant. 

SOLUTION:  Large  disks,  multimedia  files,  applica¬ 
tions,  operating  systems,  system  updates,  virus  signa¬ 
tures  ■ —  all  dramatically  increase  the  rate  of  fragmenta¬ 
tion.  If  fragmentation  is  not  addressed  daily,  system 
performance  will  suffer.  Fragmentation  increases  the 
time  to  access  files  for  all  common  system  activities 
such  as  opening  and  closing  Word  documents,  search¬ 
ing  for  e-mails,  opening  Web  pages  and  performing 
virus  scans,  and  executing  database  searches  and 
transactions.  To  keep  performance  at  peak,  defrag¬ 
mentation  must  be  done  daily  on  all  systems. 

IT  Managers  use  Diskeeper's"Set  It  and  Forget  lt"opera- 
tion  for  automatic  network-wide  defragmentation. 
Customers  agree  Diskeeper  maintains  the  performance 
and  reliability  of  all  their  desktops  and  servers,  even 
reducing  maintenance  and  increasing  hardware  life. 

Every  system  on  your  network  needs  Diskeeper,  the 
Number  One  Automatic  Defragmenter.  Special  offer: 

Try  Diskeeper  1 0  FREE  for  45  days!  Download  at 
www.diskeeper.com/nww5  (Note:  Special  45-day 
trialware  is  only  available  at  the  above  link). 

Volume  Licensing  and  Government/Education  dis¬ 
counts  are  available  from  your  favorite  reseller  or  call 
800-829-6468  Ext.  4371. 
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COMPANY:  The  Siemon  Company™ 

OVERVIEW:  Established  in  1903,  Siemon™  special¬ 
izes  in  the  manufacture  and  innovation  of  high- 
performance  network  cabling  solutions.  One  of  only 
three  network  cabling  companies  with  true  global 
capabilities,  Siemon  offers  the  most  comprehensive 
suite  of  copper  and  fiber  cabling  systems  available. 
With  over  400  active  patents  specific  to  structured 
cabling,  Siemon  Labs™  invests  heavily  in  R&D  and 
industry  standards,  underlining  the  company's  long¬ 
term  commitment  to  its  customers  and  the  industry. 

CHALLENGE:  According  to  the  London  Metal 
Exchange,  the  price  of  copper  has  tripled  in  the  past 
four  years,  rising  over  59%  between  January  and  May 
of  2006  alone.  With  copper  prices  soaring  globally 
and  showing  little  signs  of  stabilizing,  network  cabling 
companies  have  been  forced  to  adjust  copper  cable 
pricing  accordingly. 

SOLUTION:  Through  the  standards-accepted  prac¬ 
tice  of  cable  sharing,  Siemon's  fully-shielded  category 
7/class  FTERA®  cabling  system  allows  up  to  4  applica¬ 
tions  to  run  over  a  single  cable,  potentially  reducing 
the  number  of  copper  cabling  channels.  By  virtue  of 
individually  foil-wrapped  pairs  and  overall  screen, 

5/FTP  cable  allows  multiple  applications  to  run  with¬ 
out  internal  interference. 


S/FTP  cable  construction  is  further  supported  by  the 
TERA  4-quandrant  isolated  outlet  which  can  be  easily 
terminated  in  less  than  3  minutes.  Fitting  within  a 
standard  RJ  footprint,  the  combination  of  the  TERA 
outlet  and  TERA  to  RJ  patch  cords  allows  simple 
facilitation  of  cable  sharing.  As  with  traditional  cabling 
channels,  all  four  pairs  of  each  cable  are  terminated 
in  a  single  outlet.  However,  unlike  an  RJ  interface, 
the  TERA  outlet  can  support  up  to  4  one-pair  cords, 

2  two-pair  cords  or  a  combination  of  the  two,  without 
the  need  for  additional  splitters  or  adapters. 


Depending  on  the  applications,  a  singleTERA  cable  can 
replace  up  to  4  copper  channels.  With  copper  prices 
significantly  raising  the  cost  of  cable,  this  reduction  in 
total  cable  runs  can  provide  an  immediate  cost  benefit. 


Siemon's  in-depth  whitepaper  detailing  the  practice  of 
cable  sharing  is  available  online  at  www.siemon.com 
or  at  www.networkworld.com 
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800-945-4200 

www.siemon.com 


E-MAIL  NEWSLETTER  SHOWCASE: 
Network/systems  management 

Teaching  your 
TV  to  phone 
home  when  it’s 
not  feeling  well 


BY  JULIE  CRAIG 

Let’s  talk  about  some  emerging  management  standards 
specifications  and  how  they  relate  to  products  based  on 
service-oriented  architecture  or  Web  services. 

The  specifications  are  Web  Services  Distributed  Manage¬ 
ment  (WSDM)  and  its  related  specification  set,  Manage¬ 
ment  Using  Web  Services  (MUWS)  and  Management  of 
Web  Services  (MOWS).  Most  of  us  have  heard  that  WSDM 
is  a  vendor-  and  protocol-independent  way  for  manage¬ 
ment  technologies  to  access  information  generated  by 
management  agents.  But  what  does  this  really  mean  and 
why  should  we  be  interested? 

Management  of  systems  and  devices  relies  on  a  variety  of 
protocols,  including  an  ever-expanding  set  of  SNMP 
Management  Information  Bases  (MIB)  and  open  but  ven¬ 
dor-based  technologies  such  as  Windows  Management  In¬ 
strumentation  (WMl).WSDM  is  an  XML-enabled  specifica¬ 
tion  designed  to  run  over  a  service-oriented  architecture 
(SOA)  foundation.  WSDM,  MUWS  and  MOWS  collectively 
address  managed  devices,  but  also  open  the  management 
function  to  devices  not  considered  management-ready 

The  WSDM  Web  site  includes  a  resource  called  “An  In¬ 
troduction  to  WSDM,”  which  includes  a  great  example  of 
why  WSDM  was  proposed.  Electronics  are  proliferating  in 
the  consumer  marketplace,  with  accompanying  support 
challenges.  Although  problems  with  devices  such  as  PDAs 
are  relatively  easy  to  diagnose  and  fix, problems  with  bulky 
devices  aren’t  as  easy  to  resolve.  WSDM  introduces  func¬ 
tionality  similar  to  what  we  see  in  mainframe  computers  to 
the  entire  electronics  world  —  when  something  goes 
wrong,  connected  devices  can  send  messages  to  support 
teams  for  remote  diagnosis  and  repair  dispatch. 

MUWS  and  MOWS  are  the  specifications  that  make  this 
possible.The  interesting  thing  about  these  specs  is  they  pre¬ 
suppose  a  SOA  foundation.  MUWS  specifies  the  mecha¬ 
nism  for  managing  resources  using  a  Web  services  plat¬ 
form,  while  MOWS  addresses  the  management  of  the  Web 
service.Together  they  make  up  the  ideal  platform  for  man¬ 
aging  SOAs  and  their  underlying  technology  base. 

It’s  interesting  to  think  about  some  of  the  possibilities  this 
opens  up.  It  seems  the  limitations  are  basically  connectiv¬ 
ity  as  well  as  the  fact  that  TV  manufacturers,  for  example, 
don’t  typically  engineer  their  devices  for  management  — 
so  it  may  be  a  while  before  WSDM  becomes  a  standard  in 
the  commercial  marketplace.  But  it  sure  is  interesting  to 
think  about. 
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MIMO-based  wireless  LANs 


IMIMO  and  ‘draft  n'  gear  blazes  near  100Mbps,  but 
interoperability  among  vendors  remains  an  issue 


BY  CRAIG  J.  MATHIAS 

Two  years  after  the  first  multiple-input  multiple-output-based  wireless  LAN 
products  appeared,  we’re  finally  at  a  point  where  a  wide  array  of  systems  are 
available  for  residential  and  small  and  midsize  business  markets  (and  at 
least  one,  Bluesockets  BSAP-1700,is  aimed  at  the  enterprise). 


We  conducted  our  testing  over  the  course  of  a  month  at 
Network  Worlds  offices,  running  a  series  of  benchmarks  to 
evaluate  throughput  at  short  and  long  ranges,  as  well  as 
interoperability  We  also  examined  setup,  documentation, 
management,  configuration  and  ease  of  use  (see  “How  we 
did  it,”  page  38). 

Six  vendors  —  Asus,  Belkin,  Buffalo,  D-Link,  Linksys  and 

See  MIMO,  page  38 


NetResults 


Product 

ASUS  WL-566gM 
router,  WL-106gM 
adapter 

Buffalo  WZR- 
G240  router, 
WLI-CB-G240 
adapter 

Buffalo  WZR- 
G300N  router, 
WLI-CB-G300N 
adapter 

D-Link  DIR-635 
router,  BWA-645 
adapter 

Linksys 

WRT300N  router, 

WPC300N 

adapter 

Netgear 

RangeMax  240 
(WPNT834) 
router,  WPNT511 
adapter 

Netgear  WNR- 
834B  router, 
WN511B  adapter 

NetgearWNR- 
854T  router, 
WN511T  adapter 

Vendor 

Asus 

usa.  asus.com/ 
index.aspx 

BuffaloTech- 
nology  www. 
buffalotech. 

BuffaloTech- 
nology  www. 
buffalotech. 

D-Link  www. 
dlink.com 

Linksys  www. 
Iinksys.com 

Netgear  www. 
netgear.com 

Netgear  www. 
netgear.com 

Netgear  www. 
netgear.com 

com 

com 

Price 

Router,  $125; 
adapter,  $87. 

Router,  $130; 
adapter,  $86. 

Router,  $130; 
adapter,  $86. 

Router,  $135; 
adapter,  $86. 

Router,  $130; 
adapter,  $100. 

Router,  $120; 
adapter,  $80. 

Router,  $130; 
adapter,  $97. 

Router,  $144; 
adapter,  $97. 

Score 

Router,  4.05; 
adapter,  4.55. 

Router,  3.95; 
adapter,  3.73. 

Router,  3.05; 
adapter,  3.0. 

Router,  3.35; 
adapter,  2.95. 

Router,  3.55; 
adapter,  3.33. 

Router,  3.4; 
adapter,  3.53. 

Router,  3.0; 
adapter,  3.13. 

Router,  2.9; 
adapter,  3.03. 

Costs  calculated  by  Buy.Com  Web  search  on  July  31,  2006 


Routers 


The  Breakdown 

Asus  WL-566gM 

Buffalo  WZR-G240 

Linksys  WRT300N 

Netgear  RangeMax  240 

D-Link  DIR-635 

Buffalo  WZR-G300N 

Netgear  WNR-834B 

Netgear  WNR-854T 

Performance  40% 

5 

4.5 

3.5 

4 

3 

3 

3 

3 

Config./features  25% 

4 

4 

3 

3 

3 

3 

3 

3 

Mgmt./ease  of  use  15% 

3 

3 

4 

3 

4 

3 

3 

3 

Setup  10% 

3 

3 

3 

3 

3 

2.5 

3 

3 

Documentation  10% 

3 

4 

5 

3 

5 

4 

3 

2 

Total  score 

4.05 

3.95 

3.55 

3.4 

3.35 

3.05 

3.0 

2.9 

Client  cards 


The  Breakdown 

Asus  WL-106gM 

Buffalo  WLI-G240 

Netgear  WPNT511 

Linksys  WPC300N 

Netgear  WN511B 

Netgear  WN511T 

Buffalo  WLI-G300N 

D-Link  DWA-645 

Performance  40% 

5 

4.5 

4 

3.5 

3 

3 

3 

3 

Config./features  25% 

5 

3.5 

3.5 

2 

3.5 

3.5 

3 

2 

Mgmt./ease  of  use  15% 

4 

3 

3 

3.5 

3 

3 

3.5 

3 

Setup  10% 

3 

3 

3 

4 

3 

3 

3 

3 

Documentation  10% 

4 

3 

3 

5 

3 

2 

5 

5 

Total  score 

4.55 

3.73 

3.53 

3.33 

3.13 

3.03 

3.0 

2.95 

Scwiig  Key:  5:  Exceptional:  4:  Very  good:  3:  Average:  2:  Below  average;  1:  Subpar  or  not  available 
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Register  by  August  1 8  and  save  up  to  $300. 

Enter  priority  code  MLHWNY32  at  www.interop.com/ succeed 


www.interop.com/ succeed 


INTEROP  makes  you  succeed.  Getting  the  right  information,  to  the  right  people,  at  the  right 
time.  That's  the  ultimate  measure  of  IT  success.  And  there's  no  better  place  to  learn  how  to  succeed  than  at 
Interop  New  York.  With  over  100  educational  sessions  and  150+  exhibitors,  you'll  gain  first  hand  knowledge 
from  industry  leaders  and  get  hands-on  access  to  the  full  range  of  IT  solutions: 

VoIP  &  Collaboration  •  Data  Center  •  Infrastructure  &  Services 
Security  •  Storage  •  Application  Networks  •  Wireless  &  Mobility 


ExpOSltlOn-Open  to  All  Attendees 

See  more  than  1 50  exhibitors  to 
compare  the  full  range  of  IT  solutions 
before  you  buy. 


KeynOteS-Open  to  All  Attendees 

Scott  Kriens 

Chairman  and  CEO 

[EiJiiniper" 

sflES  NETWORKS  I 

John  Swainson 

President  and  CEO 

ca 

Ajei  Gopal 

Executive  Vice  President 
CTO 

Symantec. 

Web  2.0  For  the 
Enterprise  Panel 

j  Ross  Mayfield 

CEO 

Socialtext 

Andrew  McAfee 

Associate  Professor 
Harvard  Business  School 


3-Day  Conference 

Data  Center  Sessions  include: 

•  Storage  Consolidation  and 
Virtualization  Strategy 

•  Internet  Computing:  AJAX,  SOA 

•  Data  Center  Security  in  a  World 
Without  Perimeters 

•  Managing  the  Virtualized 
Data  Center 

Infrastructure  &  Services 
Sessions  include: 

•  The  Future  of  the  WAN 

•  Network  Management  for 
Converged  Networks 

•  Ethernet  MANs 

•  Application  Networks 

Network  Access  Control  (NAC) 
Sessions  include: 

•  NAC  Architectures:  Cisco,  Microsoft  and 
Trusted  Computing  Group 

•  Implementation  Issues 

•  Developing  a  Solid  NAC  Strategy 

•  See  Live  Demos  of  NAC  Products 

Wireless  &  Mobility 
Sessions  include: 

•  Voice  Over  WLAN 

•  Fixed  Mobile  Convergence  &  IMS 

•  The  Future  of  Mobile  Email 

•  Wireless  MANs:  Mesh  and  Wi-MAX 


Security  Sessions  include: 

•  Next  Generation  Firewalls  and 
Network  Security  Solutions 

•  Web  Application  Security 

•  Endpoint  Security  Concepts 
and  Techniques 


VoIP  &  Collaboration 
Sessions  include: 

•  VoIP  Security 

•  Architectures  for  Converged  Networks 

•  Video-Enabling  Presence  Portals 

•  Enhancing  Business  Apps  with  Voice 


WebOps  Summit  Sessions  include: 

•  AJAX,  Flash,  Rich  Clients  and 
Your  Network 

•  Monitoring  Website  Performance 

•  Is  Port  80  an  Open  Door? 


Workshops 

Choose  from  1 5  full  day  Workshops  for 
the  most  intensive  IT  training  available. 
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continued  from  page  35 

Netgear  —  submitted  a  total  of  nine  products.  SMC 
Networks  also  makes  MIMObased  equipment,  but  we 
were  unaware  of  its  products  at  the  time  of  testing. 
Bluesocket  was  not  ready  to  send  us  its  BSAP-1700  system 
for  testing.  During  our  tests  of  the  Belkin  system,  we 
encountered  a  bug  that  prevented  us  from  running  our 
tests;  a  fix  by  Belkin  was  not  completed  until  after  our  test¬ 
ing  was  finished. 

Although  the  products  tested  are  aimed  at  residential 
or  SMB  applications,  it’s  impor¬ 
tant  for  enterprise  IT  managers  to 
stay  on  top  of  MIMO-based  offer¬ 
ings,  because  they  point  the  way 
to  tomorrow’s  enterprise-class 
systems.  jl 

Today’s  MIMO-based 
clients  also  can  improve 
throughput  and  espe¬ 
cially  the  range  of  exist¬ 
ing  802.1  lg-based  con¬ 
nections;  Longer  range 
is  often  desirable  and 
even  necessary  (see 
“Why  buy  a  M1MO  PC 
card  now?”  page  39). 

Asus  wins  the  Clear 
Choice  Award  for  its 
stellar  performance 
and  outstanding  client- 
configuration  features. 

Buffalo’s  WZR-G240 
family  and  the  Linksys 
WRT300N  router  also 
earn  high  marks  for 
performance. 


►  HOW  WE  DID  IT 


New  ways  of  benchmarking  WLAN  systems 


The  Asus  router  and  adapter  per 
formed  best  in  our  tests. 


MIMO  primer 

Multiple-input  multiple-output  (MIMO)  wire¬ 
less  uses  different  waveforms  on  typically 
two,  but  sometimes  three  or  more  trans¬ 
mitting  antennas  inputting  to  the  channel  carrying 
radio  waves  from  Point  A  to  Point  B.  Multiple 
antennas  and  radios  (typically,  two  or  three)  also 
are  applied  to  the  output  of  the  radio  channel  at 
the  receiver,  along  with  a  lot  of  signal  processing, 
which  ideally  improves  range  and  throughput  com¬ 
pared  with  simpler  or  traditional  radio  designs 
operating  under  similar  conditions. 

MIMO  is  sometimes  referred  to  as  spatial  multi¬ 
plexing,  because  it  users  a  third,  spatial  dimension 
beyond  frequency  and  time  —  as  a  carrierfor 
.nformation.  The  multiplicative  effect  of  properly 
designed  MIMO  systems  can  be  dramatic:  As  our 
tests  show,  the  100Mbps  barrier  (application-layer 
throughput)  in  wireless  LANs  has  been  broken. 

-  .deed,  the  upcoming  802.1  In  standard  will  likely 
specify  raw  (physical  layer)  performance  as  high 
is  600Mbps  via  a  4-by-4  MIMO  array. 
iWMO  is  also  likely  to  have  an  influence  on  so- 
co lied  46  cellular  designs,  but  that’s  a  different 
story. 

-  CRAIG  MATHIAS 


BY  CRAIG  J.  MATHIAS 

Benchmarking  wireless  products  in  any  form  is  noto¬ 
riously  difficult,  especially  in  comparative  tests, 

The  primary  culprit  is  the  behavior  of  the  radio 
channel  itself.  This  is  the  element  of  the  physical  uni¬ 
verse  that  carries  the  radio  signal  from  Point  A  to  Point 
B  (we  hope).  We  say  “we  hope”  because,  while  radio 
certainly  obeys  the  laws  of  physics,  there  are  many 
statistical  variables  in  radio  transmissions.  For 
example,  it's  impossible  to  determine  exactly  how, 
or  even  if,  a  given  radio  signal  will  propagate  under 
a  given  set  of  conditions.  In  addition,  there  are  a 
variety  of  forms  of  signal  fading  and  interference. 
Antenna  orientation  is  yet  another  variable.  Any 
good  benchmark  must  take  these  factors  into 
account  and  minimize  their  impact  on  the 
results. 

The  first  step  we  took  to  minimize  variability 
was  to  monitor  the  radio  environment.  We  used  a 
spectrum  analyzer  to  see  a  graphical  representation 
of  energy  in  the  radio  band  being  used.  Good 
spectrum  analyzers  can  cost  $30,000  or  more, 
and  they  require  an  engineer  for  successful  oper¬ 
ation  in  most  cases.  In  our  tests,  we  used 
AirMagnet's  A5120  Sensor,  along  with  the  com¬ 
pany's  Enterprise  7.0  and  Spectrum  Analyzer 
(www.nwdocfinder.com/4621  and  4622,  respec¬ 
tively).  Enterprise  was  useful  in  visualizing 
802.11  traffic,  and  the  A5120  adds  a  chip  from  Cognio 
(www.nwdocfinder.com/4623)  that  let  us  analyze  energy 
of  any  form  in  the  2.5GHz  and  5GHz  bands.  Thus,  we 
could  find  the  best  channel  for  our  test  (it  turned  out  to 
be  Channel  1),  as  well  as  monitor  for  any  interference 
that  might  creep  in  (nothing  interfered  significantly). 

In  terms  of  antenna  orientation,  even  with  MIMO  tech¬ 
nology,  it’s  possible  to  place  a  notebook  computer  in  a 
less-than-optimal  position.  In  addition,  people  and 
objects  moving  in  the  environment  can  cause  a  fade.  To 
account  for  these  factors,  we  placed  our  notebook 
equipped  with  the  MIMO  PC  Card  on  a  turntable  that 
revolved  at  1  rpm  —  any  orientation  that  resulted  in  fad¬ 
ing  would  be  very  short-lived,  and  all  products  were  test¬ 
ed  under  the  same  radio  conditions.  Power  management 
was  disabled  on  the  rotating  notebook;  the  power  profile 
used  was  the  same  as  when  plugged  in. 

We  performed  two  key  tests  on  the  MIMO-based  wire¬ 
less  LAN  (WLAN)  systems:  rate  vs.  range  and  interoper¬ 
ability. 

Rate  vs.  range 

Unlike  wire,  wireless  performance  in  terms  of  through¬ 
put  can  vary  dramatically  with  range  —  the  greater  the 
range,  the  less  the  throughput.  This  is  primarily  because 
radio  waves  fade  as  they  propagate  through  space,  as 
signals  fade  exponentially  with  distance.  Other  forms  of 
fading  also  may  be  present.  One  of  these,  Rayleigh  fad¬ 
ing,  because  of  multipath,  is  less  of  a  factor  in  MIMO 
implementations,  as  MIMO  requires  and  depends  on 
multipath  for  better  performance. 

We  tested  all  homogeneous  pairs  of  products  (client 
card  and  router  from  the  same  vendor  and  product  fam¬ 
ily)  at  a  short  (approximately  22  feet)  and  a  long  (about 
81  feet)  distance.  Two  PCs  (a  Panasonic  Toughbook  CF- 
74  and  HP  Compaq  Nx6125  running  Windows  XP  with 
Service  Pack  2,  fully  patched)  connected  to  the  router 
generated  the  iPerf  traffic.  The  PCs  and  router 


remained  in  the  same  location  —  a  conference  room 
with  a  large  glass  window  and  open  door  —  for  both  dis¬ 
tance  tests,  Two  PCs  are  required,  because  the  through¬ 
put  available  in  a  MIMO  link  easily  could  exceed  the 
100Mbps  physical-layer  data  rate  of  a  single  PC  con¬ 
nected  by  Ethernet. 

The  client  location  for  the  long-distance  test  also  had 
windows  and  an  open  door,  but  a  partially  obstructed  line 
of  sight:  Intervening  space  was  occupied  by  cubicles. 

Interoperability  tests 

Because  there  is  no  test  for  interoperability  of  MIMO- 
based  products  (at  least  when  operating  in  full-speed 
MIMO  mode),  we  felt  it  was  important  to  examine  inter¬ 
operability  in  the  light  of  vendor  claims  of  draft  802.1 1  n 
or  "draft-n"  compliance  (see  “The  draft-n  controversy" 
at  www.nwdocfinder.com/4726).  In  addition,  we  wanted 
to  see  what  speeds  users  could  expect  for  interoperabil¬ 
ity  in  real-world  settings.  Mixed-mode  configurations  are 


Stretching  the  truth 

Numbers  that  most  vendors  use,  most  notably 
along  the  lines  of  240Mbps  or  300Mbps,  are 
not  wrong,  strictly  speaking,  but  these  are 
physical-layer  signaling  rates  (akin  to  the  100Mbps 
of  Ethernet).  These  vary  significantly  (upshifting 
and  downshifting)  during  an  individual  test  run. 
This  is  why  it's  important  to  test  Layer  7  applica¬ 
tion  throughput  and  not  rely  on  vendor  claims  of 
performance  that  can  never  be  realized. 


expected  to  be  common  until  early  2009. 

For  heterogeneous  products  (different  client  and 
router),  we  tested  interoperability  and  performance  only 
in  the  short-range  scenario. 

Test  procedures  and  objectives 

Our  core  objective  in  setting  our  procedures  for  this 
series  of  tests  was  the  application  of  techniques  that 
enterprise  IT  staff  could  use  themselves.  We  therefore 
used  off-the-shelf  tools,  including  the  free  Iperf  LAN 
benchmark  (see  www.nwdocfinder.com/4725)  and 
Enterprise  7.0  as  a  configuration  aid  and  monitor  of 
802.11  traffic  and  overall  spectrum  quality  during  all 
benchmark  runs. 

All  the  routers  were  set  up  manually;  we  did  not  use 
the  CDs  that  came  with  each  product.  We  checked  ven¬ 
dor  Web  sites  for  the  latest  drivers  and  firmware  for  all 
products  at  the  start  of  the  project,  and  did  not  do  any 
updates  during  testing.  Client  drivers  were  set  up  via  the 
CD  that  came  with  each  product,  again  checking  for 
any  software  (drivers  and  client  applications)  or 
firmware  revisions. 

The  only  changes  in  router  settings  were  for  IP 
address,  radio  channel,  Service  Set  Identifier  and  securi¬ 
ty  (Wi-Fi  Protected  Access  2  with  Advanced  Encryption 
Standard  encryption).  We  used  client  software  provided 
by  the  vendors  in  all  cases,  which  was  better  than  the 
weak  but  convenient  Zero  Configuration  tool  built  into 
Windows  XP. 

The  project  included  more  than  35  hours  of  testing. 
Anomalous  results  were  investigated  where  noted,  and 
replacement  runs  were  attempted  in  these  cases. 
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Performance  tests 

When  we  tested  homogeneous  sys¬ 
tems  (with  client  card  and  router 
from  the  same  vendor  and  product 
family),  the  results  did  not  surprise  us. 

The  three  top-performing  products 
(from  Asus,  Buffalo  and  Netgear)  were 
all  models  that  had  been  on  the  mar¬ 
ket  for  some  time,  and  all  are  based 
on  the  third-generation  MIMO  chipset 
from  Airgo  Networks,  Earlier  tests  we 
performed  showed  the  superiority  of 
Airgo’s  products,  which  makes  sense, 
considering  the  length  of  time  the 
company  has  been  building  MIMO 
chips.  Among  the  newer  products,  the 
Linksys  router-client  pair  performed 
quite  well. 

Netgear s  WNR-854T-WN511T  product 
pair  showed  great  promise  with  a 
record-setting  (for  this  test,  anyway) 

120.1Mbps  upstream  (from  access 
point  to  client)  data  rate,  but  a  strange 
18Mbps  (an  802.1  lg  rate)  in  the  other 
direction.  Subsequent  discussions  with 
staff  at  Marvell  (the  vendor  of  the 
MIMO  chipset  in  these  products)  didn’t 
yield  a  satisfactory  explanation.  Marvell 
says  it  has  achieved  performance  in 
excess  of  100Mbps  in  both  directions 
but  did  not  produce  documentation  for  this  claim. 
Nonetheless,  we  were  impressed  with  the  great  perfor¬ 
mance  in  one  direction. 

The  top  performer  in  the  short-  and  long-range  tests  was 
the  Asus  WL-566gM/WL-106gM  pair.  Asus  also  wins  a  truth- 
in-advertising  award  for  achieving  almost  100Mbps,  just  as 
it  says  on  the  boxes. 

Fun  with  interoperability 

Absent  a  Wi-Fi  Alliance  interoperability  test  (or  one  of 
equivalent  nature),  our  expectations  for  interoperability 
were  fairly  low,  and  the  testing  did  not  disappoint. There  was 
a  significant  problem  with  the  connectivity  of  several  prod¬ 
uct  combinations,  all  related  to  security  settings  (our  tests 
required  Wi-Fi  Protected  Access  2  security  to  be  turned  on). 
Several  vendors  noted  upcoming  firmware  upgrades,  but 
basic  interoperability  remains  a  challenge  in  many  cases. 

Overall  performance  levels  in  interoperability  tests 
were  typically  in  the  20Mbps  range  (what  you’d  see  with 


MIMO  performance 


802.1  lg),  but  we  also  saw  fine 
interoperability  between  products 
based  on  the  same  WLAN 
chipsets. 

Other  features 

Performance  counted  for  only 
40%  of  the  total  score;  we  also  eval¬ 
uated  configuration,  features,  man¬ 
agement,  ease  of  use,  setup  and 
documentation.  We  liked  the  set  of 
client  functionality  included  in  the 
Asus  product.  While  Asus’  perform¬ 
ance  impressed  us,  we  feel  a  little 
more  attention  should  be  paid  to 
the  wording  of  messages  shown 
during  the  installation  process. 

We  were  confused  by  the  nearly 
identical  packaging  and  industri¬ 
al  design  of  Netgear’s  WNR-834B 
and  -845T  routers.  We  would  cau¬ 
tion  buyers  to  carefully  match 
respective  clients  when  purchas¬ 
ing  these  (the  boxes  also  look 
alike),  as  performance  will  clear¬ 
ly  be  below  expectations  if  an 
error  is  made  here. 

D-Link  and  Linksys  scored  high 
for  fine  user  manuals. 

We  also  liked  the  automatic 
check  for  firmware  upgrades  that  Buffalo’s  equipment  per¬ 
forms,  as  well  as  the  similar  functionality  on  the  Linksys 
WRT300N  (along  with  its  easy-to-use  interface  and  diag¬ 
nostic  features).  We  weren’t  crazy  about  the  industrial 
design  of  the  otherwise  stylish  Buffalo  WZR-G300N  router. 
In  addition,  some  of  the  indicator  lights  are  on  the  front 
and  some  are  on  the  back,  making  shelf  placement  proble¬ 
matic.  We  found  the  D-Link  products  easy  to  use. 

Implications  for  the  enterprise 

We  remain  convinced  that  MIMO  will  be  key  in  future 
WLANs.  The  technology  is  proven  and  clearly  can  be  pro¬ 
duced  in  cost-effective,  easy-to-use  products.  We  would  be 
hard  pressed  to  recommend  a  WLAN  product  that  was  not 
based  on  MIMO, at  least  in  residential  or  SMB  applications. 

While  absolute  throughput  and  capacity  are  not  very 
important  in  most  residential  applications  (the  fastest 
Internet  connections  available  to  most  people  are 
6M  to  8Mbps,  and  wireless  high-definition  TV  dis¬ 


Short-range 

Throughput  (Mbps) 

Asus 

93.33 

Buffalo  240 

85.75 

Netgear  240 

74.92 

Netgear  854 

68.68 

Linksys 

66.03 

Buffalo  300 

60.60 

Netgear  834 

57.22 

D-Link 

47.18 

Long-range 

Throughput  (Mbps) 

Asus 

69.42 

Buffalo  240 

64.12 

Netgear  240 

54.87 

Linksys 

52.10 

D-Link 

49.52 

Netgear  834 

46.65 

Buffalo  300 

43,28 

Netgear  854 

41.77 

More  online 

Head  to  NetworkWorld.com  for  more  testing 
details  and  articles  from  our  MIMO  wireless 
LAN  test,  including: 

•  Exclusive  video:  Senior  Product  Testing 
Editor  Keith  Shaw  and  Farpoint  Group’s  Craig 
Mathias  offer  a  video  tour  of  the  testbed  and 
methodology,  including  a  look  at  the  spinning 
turntable. 

•The  draft-n  controversy:  Is  it  possible  to  be 
compliant  with  a  draft? 

•Additional  charts  and  testing  results. 
www.nwdocfinder/4726 
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Why  buy  a  MIMO  PC  card  now? 


I  ost  new  notebooks  today  come  with  at  least  802.1 1  g  built  in,  so  why  add  a  PC  card 
wireless  LAN  (WLAN)  adapter?  In  the  case  of  multiple-input  multiple-output  (MIMO) 

I  technology,  we  find  it  useful  to  go  the  aftermarket  route  when  one  requires  greater 
range  than  is  possible  with  the  built-in  WLAN  adapter.  Dell  is  shipping  some  notebooks  with 
a  provision  for  the  third  built-in  antenna  required  by  MIMO,  but  this  is  not  common.  Users 
today  can  take  advantage  of  the  greater  effective  range  of  MIMO  with  a  simple  plug-in 
upgrade.  This  technique  also  will  work  for  enterprises,  with  the  MIMO  adapter  operating 
in  802.1  lg  mode.  The  quality  of  the  link  is  improved,  even  with  MIMO  on  only  one  end. 

While  the  top  speeds  possible  with  MIMO  on  both  ends  are  even  better,  this  "better 
than  g"  approach  can  prove  quite  useful. 

-  CRAIG  MATHIAS 


tribution  remains  rare),  range  is  far  more  often  an  issue. 
We  frequently  see  situations  where  a  MIMO-based  prod¬ 
uct  could  easily  deliver  a  usable  —  and  sometimes  great 
—  signal  to  locations  where  a  typical  residential  wireless 
system  could  not. 

Enterprise  applications  increasingly  rely  on  the  opposite 
approach,  installing  more  access  points  with  less  cover¬ 
age,  and  therefore  have  less  of  a  requirement  for  range. 
These  dense  deployments  offer  much  more  capacity 
because  of  the  decrease  in  range  (and  thus  stronger  sig¬ 
nals),  as  well  as  fewer  users  per  microcell  at  any  given 
time.  Careful  centralized  management  and  control,  partic¬ 
ularly  of  radio-frequency  parameters,  is  essential  to  make 
this  strategy  work. 

MIMO  in  the  enterprise,  therefore,  likely  will  be  used  to 
improve  throughput  beyond  the  22M  to  25Mbps  maxi¬ 
mum  of  802.1  lg  and  802.1  la.  Indeed,  we  expect  100Mbps 
effective  throughput  to  be  on  the  lower  end  of  802.1  In 
performance,  exceeding  by  a  wide  margin  the  100Mbps 
(signaling  rate,  not  application  throughput)  of  typical 
wired  Ethernet. 

Our  tests  also  showed  enterprises  are  almost  certainly 
better  off  waiting  for  the  802.1  In  standard  to  be  com¬ 
pleted  before  installing  MIMO-based  products.  While  we 
still  recommend  using  MIMO  to  deliver  an  802.1  lg 
waveform  with  improved  range  and  reliability,  we  don’t 
expect  most  of  the  enterprise-class  WLAN  vendors  to 
roll  out  MIMO  access  points  until  the  802.1  In  standard 
is  much  further  along. 

Airgo, for  example, says  it  intends  to  produce  an  802.1  In 
chipset  by  year-end,  and  the  standard  should  be 
mostly  ironed  out  by  then.  We  expect  it  to 
be  completed  no  later  than  mid-2007. 
We  expect  lots  of  MIMO  products 
to  come  out  then  and  become 
ubiquitous  by  early  2009.The  stan¬ 
dard  will  almost  certainly  allow 
backwards  compatibility  to  earlier 
802.11  physical-layer  signaling  rates, 
but  we  expect  a  rapid  and  massive 
upgrade  to  802.1  In  —  again,  when  it’s 
done. 

Until  then,  expect  to  see  rapidly  evolv¬ 
ing  chipsets,  drivers,  firmware  and  many 
more  MIMO-based  WLAN  products. Despite 
; some  of  the  quirkier  test  results,  we  remain 
encouraged  that  wireless  will  become  the 
default  LAN  connection  for  almost  everyone 
in  the  not-too-distant  future. 

Mathias  is  a  principal  at  Farpoint  Group,  a  uiire 
less  advisory  firm  in  Ashland,  Mass.  He  can  In- 
reached  at  craig@farpointgroup.com. 


uymphomx  watches  users, 
traffic,  but  hits  a  few  bumps 


$3,600;  includes  100  user  licenses  and  one  year 
of  subscription  updates.  Additional  user  licenses 
available  at  extra  cost. 

Pros:  Provides  good  network  visualization  for 
users  and  applications;  offers  simple 
bandwidth  management  with  easy 
configuration. 


BY  JOEL  SNYDER,  NETWORK  WORLD  LAB  ALLIANCE 

Cymphonix  s  Network  Composer  DC30X  is  a  security  appliance  designed  to  sit 
quietly  between  users  and  the  Internet,  blocking  viruses  and  spyware,  report¬ 
ing  on  user  and  application  bandwidth, and  shaping  traffic.  Its  intended  to  let 
you  manage  bandwidth  to  keep  downloads  from  interfering  with  voice  or 
other  critical  traffic,  as  well  as  give  you  a  sense  of  what  your  users  are  doing  on 
the  network. 


We  tested  Network  Composer  on  our  production  network 
(see  “How  we  did  it”  at  www.nwdocfinder.com/4638)  and 
found  Cymphonix  still  has  a  number  of  rough  edges  to 
smooth. 

What  it  is 

We  unpacked  Network  Composer  and  dropped  it  in 
front  of  local  and  branch  users.  Installation  was  simple 
and  quick  —  the  box  has  a  user-side  Ethernet  port,  an 
Internet-side  port, and  Ethernet  and  serial  connections  for 
management. 

Cymphonix  touts  Network  Composer  as  a  transparent 
Ethernet  bridge  (it  also  acts  as  a  simple  router/firewall),  but 
transparent  isn’t  the  right  adjective.  We  ran  into  problems 
every  time  we  tried  to  install  it  in  our  network,  because  it 
doesn’t  act  like  a  bridge.  As  Cymphonix  was  quick  to  point 
out,  Network  Composer  is  designed  for  very  constrained 
environments:  no  dynamic  routing,  very  simple  network 
topologies,  mostly  Windows  and  Active  Directory  users,  and 
a  wide-open  outgoing  firewall  policy  We  discovered  that 
using  Network  Composer  in  other  environments  will  cause 
network  interruption. 

Explaining  what  Network  Composer  does  could  take  the 
rest  of  this  review  —  basically,  the  product  has  three  broad 
functions.  First,  it  monitors  Internet  traffic  and  reports  on 
network  use  by  application  category  (for  example,  HTTP  or 
chat)  and  by  user  (users  are  defined  by  IP  address,  media 
access  control  address  (in  very  small  networks)  or  Active 
Directory).  Second,  it  lets  you  define  bandwidth  limits  and 
enforce  those  limits. Third,  it  has  antispyware,  URL  filtering 
and  antivirus  security  features. 

The  strongest  part  of  Network  Composer  was  its  monitor¬ 
ing  and  traffic  reporting.  Traffic  flows  are  divided  into  13 
broad  application  categories,  with  a  14th  category  for 
everything  else.  The  Web  interface  let  us  see  traffic  load 

mong  these  categories  using  a  top  10  list;  we  could  drill 
d'  n  into  individual  applications,  and  from  there  to  indi¬ 
vidual  users.  Network  Composer  kept  track  of  users  and 
*'*  v  stained  iogs  of  their  bandwidth  use,  application  mix, 
Web  .sites  visited,  Web  categories  and  instant  messages. The 
box  even  luns  Nmap  against  users,  keeping  track  of  open 


and  closed  ports. 

The  interface  for  monitoring  was  elegant  and  easy  to 
understand  and  use.  When  you  get  to  the  page  you  want, 
you  can  broaden  the  time  covered  (last  24  hours  is  the 
default), e-mail  the  page, or  extract  it  in  a  PDpExcel  or  XML 
file.  This  makes  it  easy  to  answer  the  common  questions, 
“What  is  my  Internet  connection  being  used  for?”  and 
“What  are  the  users  actually  doing?” 

The  system  also  generated  and  e-mailed  reports  (on- 
demand  or  scheduled)  covering  the  same  information 
available  in  the  Web  GUI. The  system’s  alerting  feature  sent 
us  e-mail  whenever  certain  criteria  were  met.  The  system 
worked  well,  and  we  were  pleased  to  see  that  Network 
Composer  designed  hysteresis  (the  process  of  delaying  the 
sending  of  alerts  for  a  period  of  time  to  allow  repeated 
ones  to  accumulate)  into  the  product  so  alerts  don’t  over¬ 
whelm  administrators. 

Because  Network  Composer  sits  between  users  and  the 
Internet,  everything  is  focused  on  users’  use  of  bandwidth 
and  resources. This  means  if  you  have  Web  servers  on  the 
inside,  you  won’t  want  to  put  them  inside  Network 
Composer,  because  it  doesn’t  differentiate  between  Web 
servers  and  Web  users  (Cymphonix  says  it  is  working  on  a 
fix  for  this). 

We  discovered  some  bugs  in  the  reporting  and  monitor¬ 
ing  interface,  such  as  wildly  incorrect  numbers  for  active 
users,  packet-per-second  rates,  IP  connection  counts  and 
even  internal  temperature  readings  (for  example, “average 
temperature:  0  degrees  F’).  We  also  found  some  uneven 
coverage:  Although  the  box  is  supposed  to  log  IM  traffic,  it 
missed  traffic  and  generated  spurious  messages  while  we 
tested  AOL  Instant  Messenger  traffic,  and  missed  Jabber 
and  Bonjour  traffic  entirely  Cymphonix  says  the  AOL  prob¬ 
lems  are  a  known  bug. 

Bandwidth  management,  the  second  major  function,  was 
simple  and  offered  broad  knobs,  which  can  be  used  at  the 
application  level  (across  all  users)  or  at  the  user  level 
(across  all  applications).  We  had  to  select  in  a  system  set¬ 
ting  whether  application  or  user  limits  take  precedence;  we 
couldn’t  combine  them.  A  different  limit  can  be  set  for 
upstream  vs.  downstream  maximums,  and  each  limit  has 


Cons:  More  bugs  than  expected,  especially  in 
security  features;  requires  particularly 
restrictive  network  topologies. 


The  Breakdown 


Network  visualization  25% 

4 

Bandwidth  management  20% 

3.5 

Security  features  20% 

2.5 

Management  15% 

4 

Flexibility/transparency  10% 

3 

Installation/ease  of  use  10% 

4 

Total  score 

3.5 

Scoring  Key: 

5:  Exceptional. 

4:  Very  good. 

3:  Average. 

2:  Below  average. 
1:  Subpar  or  not 
available. 


one  of  seven  priorities  associated  with  it,  to  further  sort 
users  or  applications  when  available  bandwidth  runs  out. 

In  testing,  we  dropped  bandwidth  limits  into  some  appli¬ 
cations  and  then  sent  traffic  through  the  box,  with  very 
good  results.  We  could  control  total  bandwidth  used  in 
both  directions  on  well-behaved  applications.  In  one  test 
case  using  BitTorrent,  however,  traffic  wasn’t  properly  rec¬ 
ognized  and  the  bandwidth  wasn’t  limited.  In  tests  of  user- 
based  bandwidth  limits,  Network  Composer  excelled  at 
keeping  usage  under  control. 

The  weakest  link  of  Network  Composer  is  its  security  ser¬ 
vices.  We  found  that  antivirus  scanning  worked  on  only  one 
protocol:  HTTP  Port  80. We  also  got  very  inconsistent  results 
—  loading  the  same  Web  page  with  a  virus  on  it  10  times, 
the  box  blocked  the  virus  only  six  times.  Network 
Composer  was  able  to  identify  viruses  in  e-mail  we  read 
using  a  browser,  but  didn’t  block  viruses  on  any  other  HTTP 
port  or  using  any  other  protocol. 

Wrapping  it  up 

Network  Composer  has  a  sweet  spot  —  it  provides  small 
networks  with  visibility  into  application  and  user  traffic.The 
combination  of  a  Web  GUI,  speedy  reporting,  drill-down 
capabilities  and  an  intuitive  interface  make  network  visi¬ 
bility  an  ideal  use  for  this  inexpensive  device.  When  you 
add  application  bandwidth  management,  it  becomes  an 
attractive  option  for  school  or  university  networks,  where 
application-throttling  is  important. 

In  an  enterprise  environment,  Network  Composer  isn’t 
quite  as  good  a  fit.  Visibility  is  interesting  to  any  network 
manager, but  this  isn’t  a  high-speed, high-end  network  appli¬ 
ance.  Its  weak  security  features  and  lack  of  critical  control 
functions  mean  Network  Composer  would  be  a  better  tool 
for  small  branch  offices  than  for  a  corporate  data  center. 

Snyder  is  a  senior  partner  at  Opus  One,  an  IT  consulting 
practice,  where  he  specializes  in  network  security  and  archi¬ 
tecture,  e-mail  management  and  security,  and  data  center 
operations.  He  can  be  reached  at  Joel. Snyder@OpusI  .com. 
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This  Event  is  for: 

•  CSOs  •  IT  Professionals 

•  CTOs  •  Directory  Services  Management 

•  CIOs  •  Identity  Management  Professionals 

•  Security  Professionals  •  IT  Security  Architects 

Call  us  at  800-949-9370  for  group  pricing  -  we  will  work  with  you  to  make 
sure  that  you,  and  your  organization,  are  fully  informed  and  armed  to  meet 
the  challenges  of  digital  identity,  and  to  manage  them  successfully. 


Join  us  at  Digital  ID  World, 

the  World's  Leading  Identity  Conference. 

Register  today! 

iiiujiij.digitalidiiJorld.com/register 

Use  priority  code  D0201  to  receive  your  Early  Bird  Pricing! 


Digital  ID  World  is  THE  opportunity  to  examine  real  world  deployments  by  the 
individuals  who  actually  execute  them.  Participate  in  in-depth  discussions  with 
your  peers,  providing  you  with  the  facts  of  how  digital  identity  is  being  leveraged 
to  help  integrate,  manage  and  secure  your  business.  Get  the  expertise  and 
industry  contacts  you  need  to  make  impactful  decisions! 

Key  Issues  Being  Examined  Include: 

•  Leveraging  Identity  for  Compliance 

•  Guarding  Against  Identity  Fraud  &  Phishing 

•  Understanding  New  Guidelines  for  Strong  Authentication 

•  Consolidating  and  Integrating  Directories 

•  Virtualizing  Directories 

•  Convergence  of  Physical  &  IT  Security 

•  Suites  vs.  Solution:  Deciding  on  Architectural  Approaches 

•  The  Identity  Metasystem 

•  Bottoms-up  Identity 

•  Identity-based  Network  Security 


Jabber  appliance  IMpresses 
with  ease  of  installation,  use 


$5,000  for  100  users.  Active  Directory  option  is 
$495;  Message  Archive  and  Reporting  option  is 
$999. 

Pros:  Quick  setup;  interoperable  with  AOL 
Instant  Messenger  and  GoogleTalk. 

Cons:  Expensive;  security  does  not  block  IM- 
borne  malware. 


BY  BARRY  NANCE,  NETWORK  WORLD  LAB  ALLIANCE 

Instant  messaging  is  technically  the  storing  and  forwarding  of  notes  that  peo¬ 
ple  type  to  each  other.  From  a  business  perspective,  however,  IM  is  fast 
becoming  an  essential  medium  for  communicating  between  employees 
and  between  companies.  But  what  messages  are  people  typing?  Are  some 
inappropriate?  Can  they  lead  to  legal  liabilities  for  the  company?  Security 


The  Breakdown 


Messaging  30% 

4 

Security  20% 

3 

Ease  of  use  20% 

4 

Interoperability  20% 

4 

Installation/documentation  10% 

3 

Total  score 

3.7 

Scoring  Key: 

5:  Exceptional. 

4:  Very  good. 

3:  Average. 

2:  Below  average. 
1:  Subpar  or  not 
available. 


and  legal  compliance  are  causing  companies  of  all  sizes  to  implement  inter¬ 
nally  managed  IM  systems. 


Jabber  says  its  JabberNow  appliance  creates  an  IM  envi¬ 
ronment  that  is  easy  to  install,  simple  to  maintain,  highly 
secure  and  interoperable  with  other  IM  systems.  In  our 
tests,  we  found  the  device  lived  up  to  our  expectations. 

JabberNow  was  easy  to  install  and  administer.  Each 
device  could  support  as  many  as  a  few  hundred  clients, 
and  it  worked  well  with  Active  Directory  AOL  Instant 
Messenger  and  GoogleTalk.  It  also  enforced  good  message 
privacy  on  the  local  network.  We  did  have  some  concerns 
—  the  appliance  wasn’t  able  to  thwart  a  malware  attack,  it 
is  too  small  to  fit  into  a  rack  space, and  we  think  the  license 
fees  are  somewhat  higher  than  they  should  be.  But  overall 
JabberNow  quickly  and  painlessly  lets  a  company  set  up  a 
business  IM  environment. 

Great  response,  good  features 

The  system  responded  well  during  our  tests,  even  when 
we  simulated  100  and  then  200  concurrent  users  (see“How 
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We  connected  the  JabberNow  appliance  to  a 
local  Fast  Ethernet  network  containing 
Windows,  Linux  and  Mac  clients  along  with 
a  variety  of  file,  Web  and  database  servers.  We  also 
tested  JabberNow’s  integration  with  AOL  Instant 
Messenger  and  GoogleTalk  public  IM  services.  We 
used  keyboard  playback  scripts  to  drive  JabberNow 
clients  to  simulate  100  and  200  concurrent  IM  ses¬ 
sions  For  our  security  test,  we  obtained  a  copy  of 
the  \\  32/SDbot-ADD  worm  from  an  antimalware 
vendor  and  sent  the  worm  via  the  JabberNow 
■  vice  to  our  clients.  We  set  up  a  Windows  Server 
200' t  Primary  Domain  Controller  configured  for 
OcLm  Directory  to  test  JabberNow’s  Active  Direc¬ 
tory  integration. 


we  did  it”).  JabberNow  impressed  us  with  useful  collabora¬ 
tion  features,  such  as  presence-based  IM  and  text  confer- 
encing.The  unit’s  internal  database  archived  all  our  IM  traf¬ 
fic,  giving  us  an  audit  trail  in  case  we  needed  to  produce 
messages  for  compliance  or  legal  reasons.  The  audit  trail 
records  such  details  as  the  source  user  ID,  destination  user 
ID,  and  date  and  time  of  each  message. 

The  audit  trail  and  message  base  are 
searchable.  The  message-store  backup 
feature  creates  a  snapshot  for  copying  or 
restoring  message  activity 

The  appliance  operates  in  one  of  three 
modes  —  it  can  process  local  IM  traffic, 
local  and  remote  IM  traffic,  or  local, 
remote  and  intracompany  IM  traffic.You 
select  a  mode  by  giving  the  device  an  IP 
address  accessible  only  on  the  local  net¬ 
work  or  from  remote  computers,  by 
inserting  entries  in  your  company’s  DNS 
server  tables  and  enabling  or  disabling 
IM  ports  in  your  firewall.  You  therefore 
control  access  to  JabberNow  by  using 
your  network’s  own  access-control 
mechanisms. 

When  exchanging  IM  with  other  com¬ 
panies’  networks,  JabberNow  uses  the 
Extensible  Messaging  and  Presence 
Protocol  (XMPP)  standard. 

JabberNow  encrypts  all  IM  traffic, 
ensuring  confidentiality  as  messages 
cross  the  network.  However,  the 
device  lacks  the  ability  to  detect  and  thwart  IM-borne  mal¬ 
ware.  When  we  attacked  the  JabberNow  IM  environment 
with  the  W32/SDbot-ADD  worm  (a  rootkit-based  program 
that  lets  hackers  control  your  computer),  we  easily  infected 
all  our  IM  clients.  Any  IM-borne  malware  would  have  had 
the  same  result. 

In  contrast  to  GoogleTalk,  connecting  to  AIM  requires  a 
digital  certificate,  which  is  obtained  from  AOL  and 


uploaded,  along  with  a  private  key,  into  JabberNow.  Clients 
then  communicate  with  AIM  users  via  AIM  buddy  lists. 

Another  option  tells  JabberNow  to  store  its  IM  user  IDs  in 
Active  Directory  instead  of  in  the  default  internal  Jabber¬ 
Now  data  store.  Integrating  JabberNow  with  Active  Di¬ 
rectory  also  added  a  button  to  the  Jabber  client  interface, 
which  gave  us  searchable  access  to  Active  Directory’s  lists 
of  IM  user  IDs. 

The  8.5-  by  6.6-  by  3.3-inch  appliance  sits  on  a  table  or 
mounts  on  a  wall,  but  it  was  too  small  to 
rack-mount.  We  believe  the  roughly  $50- 
per-seat  license  fee  should  be  $25  to  $30, 
about  the  same  price  you  would  pay  an 
ISP  for  an  e-mail  account. 

Plug  it  in  and  go 

Installing  JabberNow  involved  con¬ 
necting  it  to  a  hub  or  switch,  powering  it 
up,  assigning  an  IP  address  and  stepping 
through  a  few  configuration  items.  Each 
JabberNow  user  downloads  the  Jabber 
client  from  the  appliance.  The  network 
administrator  can  convert  preexisting  IM 
users  to  JabberNow  users  by  instructing 
them  to  use  the  new  client  and  by  block¬ 
ing  ports  at  the  firewall. 

JabberNow’s  browser-based  interface 
was  simple  —  just  a  few  Web  pages  — 
and  easy  to  navigate.Setting  up  a  new  IM 
user  is  a  simple  matter  of  entering  a  user 
ID  and  password.  The  unit’s  self-regis¬ 
tration  feature  is  turned  on  by  default 
but  is  easily  disabled. 

If  you’re  thinking  of  setting  up  IM 
in  your  business,  you  should  take  a  close  look  at 
JabberNow.  It’s  especially  appropriate  for  small  and 
midsize  businesses  that  want  to  start  using  IM  with  as  lit¬ 
tle  fuss  as  possible. 

Nance  nms  Network  Testing  Labs  and  is  the  author  of 
Introduction  to  Networking,,  and  Client/Server  LAN 
Programming.  He  can  be  reached  at  barryn@erols.com. 


The  JabberNow  appliance  can  mount  on  a 
wall,  but  is  too  small  to  put  in  a  rack. 


8.7.06  •  www.networkworid.com  •  43 


MANAGEMENT  ’  CAREERS 

R  CAREER  DEVELOPMENT  S  PROJECT  MANAGEMENT  ■  BUSINESS  JUSTIFICATION 


Technology-to-business  transformations 

The  right  skills  can  help  you  make  the  move  from  IT  to  a  different  department. 


BY  CARA  GARRETSON 

hree  years  ago,  Autumn 
Bayles  was  brought  in  as  a 
part  of  a  management-turn¬ 
around  team  to  rebuild  Tasty  Ba¬ 
king,  a  90-year-old  family-run  pub¬ 
lic  company  in  need  of  restructur¬ 
ing.  Bayle’s  task  as  CIO  was  to 
revamp  the  company’s  technology 
infrastructure;  with  that  project 
under  her  belt,  she’s  moving  on  to 
head  operations  at  the  Philadel¬ 
phia-based  food  chain. 

Trained  as  an  engineer,  Bayles  hadn’t  thought  she’d  move 
out  of  the  IT  world.  But  when  the  opportunity  arose  to  man¬ 
age  the  distribution  of  Tasty  Baking’s  cupcakes,  doughnuts 
and  other  snack  foods  to  15,000  convenience  stores  and 
supermarkets  in  the  mid-Atlantic  region, she  jumped  at  the 
chance. 

“We  had  put  in  a  new  ERP  system,  and  I  got  heavily 
involved  in  the  distribution  part,”  she  says.  When  the  com¬ 
pany  was  looking  for  a  senior  vice  president  of  strategic 
operations,  management  thought  of  her,  and  in  July 
announced  her  new  position.“I  also  have  an  MBA, so  I  have 
a  breadth  of  knowledge  and  the  ability  to  play  in  a  space 
outside  of  technology  But  it  was  also  a  little  bit  of  luck,  too; 
there  was  a  gap  in  the  organization,  so  it  just  sort  of  hap¬ 
pened.” 

Transitioning  from  a  technology  executive  to  a  business 
executive  is  an  increasingly  popular  move  caused  in  large 
part  by  the  growing  trend  among  enterprises  to  align  tech¬ 
nology  with  business,  which  is  blurring  the  lines  between 
the  two  disciplines.  This  means  more  technology  profes¬ 
sionals  are  becoming  business  savvy  and  building  the  skills 
they  need  to  one  day  run  another  department,  or  perhaps 
the  company. 

“CIOs  today  are  not  like  they  used  to  be;  today  they  tend 
to  be  younger  and  have  more  of  a  business  background  . . . 
they  really  understand  how  IT  should  be  leading  the  busi¬ 
ness,”  says  Heather  Clarke-Beckerman,  president  of  HCP 
Consulting  Group,  which  coaches  executives.“These  people 
may  not  be  the  best  on  the  computer  end  of  things,  but  they 


have  a  really  strong  knowledge  of  IT,  plus  business  exposure, 
and  they  understand  how  to  influence  and  negotiate.”These 
skills  contribute  to  making  the  move  from  CIO  to  business 
executive  much  easier  than  it  used  to  be,  she  says. 

Not  only  CIOs  make  such  moves,  as  IT  professionals  at  all 
levels  gain  more  exposure  to  the  departments  for  which 
they  develop  projects.  As  technology  cuts  a  higher  profile 
within  organizations,  the  skills  that  IT  professionals  build  in 
their  day-to-day  jobs  are  often  in  high  demand  in  other 
departments. 

Project  management  is  one  skill  required  in  practically 
every  corporate  job  and  one  that  many  IT  professionals 
have  mastered,  Clarke-Peckerman  says. 

Amy  Pierson,  who  also  used  to  work  in  Tasty  Baking’s  IT 
department,  was  recruited  for  a  position  in  the  company’s 
human  resources  group  in  part  because  of  her  project- 
management  skills. 

“The  IT  department  was  very  much  project-  and  team- 
focused,  where  in  HR  it’s  more  responding  to  business 
needs  on  a  daily  basis,”  says  Pierson,  who  is  now  manager 
of  HR  IS  and  compensation  analysis  for  Tasty  Baking.  “So 
I’m  trying  to  put  in  more  structure  here  in  HR  to  make  it 
more  project-focused.” 

But  other  legacies  from  her  days  in  IT  have  followed 
Pierson  into  her  new  role;  she’s  still  asked  by  co-workers  to 
help  fix  a  printer  jam  or  figure  out  e-mail  glitches.  “I  try  to 
educate  people  when  I  respond,” she  says. 

IT  professionals  looking  to  make  a  transition  into  different 
departments  should  take  on  technology  projects  that  relate 
to  those  departments,  recommends  Tasty  Baking’s  Bayles. 

“Some  IT  projects  are  heavily  business  focused  . . .  say 
implementing  a  new  system  for  a  warehouse,  vs.  a  new  e- 
mail  archiving  system,” she  says.“Pick  the  ones  with  a  busi¬ 
ness  slant,  that’s  going  to  give  you  exposure, and  you’ll  start¬ 
ing  working  with  those  people,  and  maybe  an  opportunity 
opens  up.” 

Other  skills  that  IT  professionals  can  emphasize  when 
moving  into  different  roles  include  fact-finding  and  prob¬ 
lem  solving,  Clarke-Peckerman  says.  “The  role  an  IT  profes¬ 
sional  plays  is ‘OK,  we  have  a  problem,  we  have  to  go  in  and 
diagnose,  problem  solve,  and  come  up  with  the  data  to  sup¬ 
port  our  recommendation,”  she  says. “They’re  very  good  at 
analysis.” 

IT  professionals  need  to  think  about  problem  solving  in 
more  than  just  technical  terms,  one  executive  says. 

“Solving  the  problem  isn’t  always  a  technology  issue,” says 
Michael  Wilens,  executive  vice  president  and  chief  tech¬ 
nology  and  operations  officer  with  information  provider 
Thomson  Corp.,who  has  held  a  number  of  technology  and 
business  titles.  “Philosophically  you  have  to  redefine  the 
goal  —  it’s  not  the  success  of  a  technology  deployment,  the 
goal  is  solving  the  problem.” 

This  often  means  becoming  “a  corrupt  technologist;  you 
can’t  be  a  purist,’ ’he  adds.“lt’s  the  cleverness  of  the  solution, 
not  the  purity  of  the  technology”  that  matters  in  business. 


Autumn  Bayles,  CIO  of  Tasty  Baking,  parlayed  ERP  experience 
into  an  operations  role  with  the  food  maker. 

When  working  on  a  technology  project,  Wilens  recom¬ 
mends  understanding  the  goal  of  the  project  in  its  business 
context,  not  just  the  time  line  or  budgetary  constraints.“You 
have  to  become  sensitive  to  business  goals  and  retrofit  the 
technology’  he  says. 

An  IT  professional  should  do  a  self-assessment  to  de¬ 
termine  skills  needed  to  make  the  transition  into  a  new 
department,  Clarke-Peckerman  says.  To  learn  one’s 
strengths  and  where  competencies  are  lacking,  ask  ques¬ 
tions  during  job-performance  reviews  and  take  tests,  such 
as  the  Myers-Briggs  Type  Indicator.  Research  the  skill  sets 
required  in  different  careers,  she  adds. 

Perhaps  most  importantly,  IT  professionals  looking  to 
jump  into  business  have  to  really  want  it.Thomsons  Wilens 
says.“Be  careful  what  you  wish  for;’  he  says,  adding  that  he’s 
seen  professionals  make  such  transitions  to  gain  better 
titles  and  higher  pay“Having  a  customer  scream  at  you  [for 
example] ; you’ve  got  to  decide  if  that’s  what  you  really  want 
to  do.”  ■ 


Digital  KVM  IP 
Switches 

Switch  &  control  1,000s 
of  computers  &  network 
devices  over  IP 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 


Multi-platform 
KVM  switches 

Switch  &  control  1,000s  of 
computers  and  network 
devices 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 


KVM  Extenders 


Extends  keyboard,  video, 
and  mouse  signals  up  to 
33,000  feet 

Fiber,  CATx 
DVI,  VGA,  High  Res. 
PS/2,  USB,  Sun 
Audio,  Serial 


KVM  Rack  Drawers}  {  Panel  Mount  LCD 


The  most  efficient  way  to 
organize  your  server  room. 

1U  or  2U 

15",  17",  19"  or  20" 
VGA,  DVI 
PS/2,  USB,  or  Sun 
Touchpad  or  Trackball 


!  Mounts  vertically  in  a 
V  j  standard  19"  rack. 

j  15",  17",  19"  20",  or  23" 

I  VGA,  DVI,  S-Video 
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How  Do  You  Distribute 
Power  in  Your  Data 


CDU  Product  Family:  Metered,  Smart  &  Switched 
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Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 


The  Sentry  CDU  distributes  power  for  Blade 
servers  or  up  to  42  dual-power  1U  servers 
in  one  enclosure.  Single  or  3-phase  input 
with  110VAC,  2 08 VAC  or  mixed  110/208VAC 
single-phase  outlet  receptacles. 

Metered  CDU 

>  Local  input  Current  Monitoring 
Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power  Temperatures 
and  Humidity 

Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 


Server  Technology,  Inc. 
1040  Sandhill  Drive 
Reno,  NV  89521 
USA 


toll  free +1.800.835.1 51 5 
tel  +1.775.284.2000 
fax +1.775.284.2065 

www.servertech.com 

sales^servertech.com 


Hitting  a  wall  with  your  current  sniffer? 


Break  through  with  Observer  1 1 .  Now  with  enterprise-strength  VoIP  analysis.  Includes  enhanced  VoIP  troubleshooting, 
integrated  NetFlow  and  sFlow®  support,  MultiHop  Analysis,  and  64-bit  Windows  scalability.  It's  time  to  reset  your  analyzer. 


NETWORK* 

INSTRUMENTS 


Wired  to  wireless .  LAN  to  WAN.  One  network  -  complete  control. 


US  &  Canada  UK  &  Europe 

toll  free  800.526.5958  +44  (0)  1959  569880 

www.networkinstruments.com/analyze 


enhanced  VoIP  support 
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Server  Room 
Climate  &  Power 

Monitoring 
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Get  our 

free 

book. 


E-mail  FreeBook@ITWatchDogs.com  with  your 
mailing  address  or  call  us  at  512-257-1462 


Protect  Your  IT  Equipment...  Don  V  Wait  Until  IDs  Too  Late! 


IT  Environment  Monitoring 

•  Digital  Temperature 

•  Digital  Humidity 

•  Main  /  UPS  Power 

•  Flood  /  Water 

•  Smoke /Fire 

Cameras,  Sound,  Light,  Air  Flow, 


Solutions 
Start  At  $295 


Easy  Online  Ordering  At 


Room  Entry,  Dry  Contacts  &  More 

EnvironmentMonitor.com 

AVTECH 

Software 

888.220.6700 

401.847.6700 

AVTECH.com 

EnvironmentMonitor.com 

VISA 


1.408.727.1122 

info@recurrent.com 


3431  De  La  Cruz  Blvd,  Santa  Clara.  CA  95054 
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instantly 


Terabytes 
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Instantly  Search  Terabytes  of  Text 

♦  over  two  dozen  indexed,  unindexed,  fielded  data  and  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  and  PDF,  while  displaying  links,  formatting  and^SJSSBSr 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email  and 
attachments,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 

♦  Spider  supports  static  and  dynamic  Web  content,  with  WYSWYG  hit-highlighting 

♦  API  supports  .NET /.NET  2.0,  C++,  Java,  SQL  databases.  New.NET/.NET  2.0  Spider  API 
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♦  "Bottom  line:  dtSearch  manages  a  terabyte  of  text  in  a  single  index 

and  returns  results  in  less  than  a  second"  -  InfoWorld 

♦  "For  combing  through  large  amounts  of  data,  dtSearch  "leads  the  market" 

-  Network  Computing 

♦  "Blindingly  fast"-  Computer  Forensics:  Incident  Response  Essentials 

♦  "Covers  all  data  sources  ...  powerful  Web-based  engines"-  eWEEK 

♦  "Searches  at  blazing  speeds"-  Computer  Reseller  News  Test  Center 

♦  "The  most  powerful  document  search  tool  on  the  market"-  Wired  Magazine 
For  hundreds  more  reviews  —  and  developer  case  studies  —  see  www.dtsearch.com 

Contact  dtSearch  for  fully-functional  evaluations 

The  Smart  Choice  for  Text  Retrieval®  since  1991 

1-800-IT-FINDS  •  www.dtsearch.com 
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Uniike  a  SPAN  port,  TAPs  guarantee  a  Copper  nTAPs 

complete  copy  of  full-duplex  data  at  line  10/100 . $395 

rate  for  your  monitoring  device.  The  result?  10/100/1000  . $795 

Knowing  you  have  the  entire  picture  before  CoppeI,0Optita|Con,mionnT»P! 
making  important  network  decisions.  sXorLX  $1495 

Learn  more.  Visit  www.networkTAPs.com.  Optical  nTAPs 

One-Channel  . . . $295 

Two-Channel  . . . . $575 

Three-Channel j ;. . $845 
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Vista 

continued  from  page  1 

The  1SV  says  its  customers  have 
said  they  will  wait  at  least  a  year  to 
adopt  the  new  operating  system. 

A  survey  of  207  companies 
released  by  Jupiter  Research  last 
week  shows  that  nearly  50%  of 
these  100-plus-employee  outfits 
will  wait  at  least  13  months  after 
release  to  deploy  Vista  —  or  won’t 
deploy  it  at  all. 

Microsoft’s  traditional  advocates 
also  are  questioning  the  viability 
of  the  software  and  its  release 
schedule.  Robert  McLaws,  a  popu¬ 
lar  blogger  and  a  Microsoft  MVP 
(non-employees  who  offer  expert 
analysis  on  products),  said  in  his 
blog  entry  titled  “The  entry  I  didn’t 
want  to  write, ’’“Beta  2  was  a  disap¬ 
pointment  on  many  levels.  It  was 
nowhere  near  as  stable  as  it 
should  have  been.”  McLaws  says 
pushing  the  launch  back  four  to 
six  weeks  with  a  release  in 
February,  adding  another  beta 
cycle  and  coming  clean  publicly 
with  the  new  delay  may  be  the 
best  solution  for  producing  “the 
best  version  of  Windows  ever” 

He  wasn’t  the  only  one  with 
stern  advice  for  Microsoft.  Former 
Microsoft  blogger  advocate 
Robert  Scoble  used  his  blog  to  say 
“Tli is  sucker  is  just  not  ready  It 
feels  like  it  needs  a  good  six  more 
months, . . .  which  would  mean  a 
mid-year  release  next  year’’ 

After  five  years  between  major 
client  operating  system  releases, 
Microsoft  needs  a  home  run, 


experts  say 

“It’s  ready  when  it’s  ready  but  it 
better  be  good  when  it’s  ready  or 
there’ll  be  hell  to  pay(  says  Tom 
Henderson,  principal  researcher 
for  ExtremeLabs  and  a  member  of 
the  Network  World  Lab  Alliance. 
He  says  there  are  a  lot  of  issues 
with  the  code  floating  around 
among  testers. 

Others  see  additional  red  flags. 

“Put  the  testing  aside,  I  can’t  find 
a  valid  antivirus  software  that 
works  with  it,” says  Michael  Cherry 
an  analyst  with  research  firm 
Directions  on  Microsoft.  “That  is  a 


key  application  and  runs  at  a  core 
level.  If  the  antivirus  vendors,  who 
work  closely  with  Microsoft,  can’t 
get  Vista  working,  then  the  core  is 
not  stable.” 

Cherry  says  it  might  be  time  to 
reset  expectations  because  an 
operating  system  no  longer 
should  be  a  groundbreaking 
piece  of  technology 

“I  am  impressed  with  Apple  OS 
and  I  like  the  way  over  the  last 
couple  of  releases  they  have 
made  a  series  of  incremental 
improvements.  It  has  not  been 
earth-shattering,”  he  says.  ■ 
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Vista  timeline 

It's  been  a  long  road  for  Vista  since  work  began  on  it  in  2001. 


May  2001 

Work  on  Vista,  code-named  Longhorn,  begins.  Expected  ship 
date:  2003. 

May  2003 

First  development  release  of  Longhorn/Vista  for  select  testers; 
ship  date  revised  to  early  2005. 

Aug.  27, 2004 

Development  of  Longhorn/Vista  halted  as  project  is  reset,  shifting 
code  base  from  Windows  XP  to  one  used  for  Windows  Server 
2003  Service  Pack  1. 

April  24,  2005 

Longhorn  Developer  Preview  made  available  at  WinHEC  2005. 

July  27, 2005 

Windows  Vista  Beta  1  released. 

Sept.  13, 2005 

First  community  technology  preview  release.  CTPs  replaced  the 
slower  beta-release  program.  Subsequent  CTPs  released  in 
October,  December  and  February. 

May  23,  2006 

Windows  Vista  Beta  2  released  to  select  testers.  Released 
publicly  June  6. 

September  2006  Windows  Vista  Release  Candidate  1  set  to  ship  before  end  of 
September. 

November  2006 

Target  date  for  Vista  release  to  business  users. 

January  2007 

Target  date  for  Vista  release  to  consumers. 

Vista  flaws  exposed  at  Black  Hat 


After  security  researcher  Joanna  Rutkowska 
last  week  demonstrated  how  it's  possible  to 
circumvent  security  in  Microsoft’s  Vista 
beta  software  and  install  a  rootkit  called  Blue 
Pill,  Microsoft  said  it  intends  to  find  ways  to  stop 
both  potential  threats  before  its  new  operating 
system  ships. 

Rutkowska,  from  Singapore  security  firm 
Cosemc,  used  the  Black  Hat  conference  in  Las 
Vegas  to  demonstrate  a  way  to  bypass  the  Vista 
rity-checking  process  for  loading  unsigned 
to  the  Vista  kernel.  Then  she  presented 
II,  a  rootkit  based  on  Advanced  Micro 
s’  SVM/Pacifica’s  virtualization  technology, 
t  bypassing  Vista’s  signature-checking 
lanism  for  device  drivers  that  Microsoft  is 
ting  in  Vista  to  prevent  loading  of  malware  or 
thorized  software,  Rutkowska  said,  “The 
hat  this  mechanism  was  bypassed  does  not 
i  that  Vista  is  completely  insecure.  It’s  just 


code 


Abe 


not  as  secure  as  advertised." 

In  the  second  part  of  her  presentation  at  Black 
Hat,  Rutkowska  detailed  Blue  Pill,  a  rootkit  that 
can  be  used  to  hijack  a  computer  and  serve  as  a 
backdoor  for  attackers.  While  developed  for  Vista, 
Blue  Pill  could  be  adapted  to  other  platforms. 

Blue  Pill  so  far  has  proved  impossible  to  detect, 
Rutkowska  said,  although  she  was  continuing 
research  to  uncover  a  means  of  discovering  it.  A 
hardware- based  approach  might  work,  she  said. 

Austin  Wilson,  Microsoft’s  director  of  the 
Windows  client  group,  said  the  company  is  look¬ 
ing  at  the  problem. 

Wilson  pointed  out  that  Rutkowska's  code¬ 
signing  bypass  attack  requires  the  attacker  to 
start  as  the  machine's  administrator  in  Vista.  “If 
you're  running  as  a  standard  user,  this  wouldn’t 
work,"  he  noted.  "But  we’re  still  looking  at  block¬ 
ing  this  type  of  attack." 

—  Ellen  Messmer 


was  then  modified”  and  continued  with  Clariion.  Whatever,  the  brand 
liives. 

4.  Netscape.  Marc  Andreessen  would  be  rolling  over  in  his  grave  if 
not  for  two  simple  facts:  he  is  very  much  alive,  and  he’s  hip-deep  in 
his  own  social-networking  playground  for  developers  called  Ning. 
Nevertheless,  it’s  disconcerting  to  see  the  Netscape  brand  —  once 
synonymous  with  the  World  Wide  Web  —  relegated  to  the  me-too- 
ism  of  taking  on  Digg  for  supremacy  among  would-be  online  news 
editors.  Now,  I  love  all  of  you  Diggers  to  death  (note  the  "Digg  it” 
links  we  carry  everywhere),  but  I'm  rooting  for  Netscape  to  grab  a 
slice  of  the  pie  here  if  for  no  other  reason  but  that  Netscape’s 
(newest)  head  honcho  Jason  Calacanis  has  acknowledged  that  news 
editors  deserve  to  be  paid.  (See:  my  wife,  three  kids  and  mortgage). 

3.  Linksys.  Founded  in  1988,  Linksys  was  a  household  name  before 
being  bought  in  2003  by  Cisco,  which  typically  absorbs  acquisitions 
of  this  ilk  like  the  beach  sucks  up  a  pail  of  seawater.  Not  this  time. 
Linksys  lives  on  as  a  division  of  Cisco,  with  a  distinctive  small- 
company  online  presence,  because,  well,  they’ve  got  some  pretty 
smart  cookies  over  at  Cisco  who  recognize  an  invaluable  brand 
when  they  buy  one.  (Here's  a  Linksys  fact  for  you:  As  of  last  year,  it 
employed  399  people. ...  I’d  venture  that  Cisco  has  more  janitors.) 

2.  Norton.  As  in  Norton  AntiVirus,  Internet  Security,  Personal 
Firewall,  System  Works  and  so  on.  For  the  love  of  Peter  Norton,  this 
man  sold  Peter  Norton  Computing  to  Symantec  in  1990  and  hasn’t 
written  any  code  this  century,  yet  his  name  still  adorns  the  shrink- 
wrapped  boxes  that  contain  among  the  most  popular  lines  of  secu¬ 
rity  products.  At  least  they  stopped  putting  his  mug  on  the  boxes 
five  years  ago.  Norton  is  so  far  removed  from  the  products  that  bear 
his  name  that  Symantec's  public  relations  department  could  offer 
me  no  help  in  finding  the  man  (an  endeavor  in  which  I  failed). 
However,  I  did  find  this  notation  on  Symantec’s  legal  notices  page: 
"Peter  Norton,  Peter  Norton’s  stylized  signature,  and  Peter  Norton's 
crossed-arm  pose  are  U.S.  registered  trademarks  of  Peter  Norton.” 
Aw,  he  still  cares. 

1.  AT&T.  It's  been  130  years  since  Alexander  Graham  Bell  uttered 
those  immortal  words:  “Mr.  Watson,  come  here.  I  want  you  to  help 
me  monopolize  telecommunications."  Not  three  antitrust  go-arounds 
with  the  government  —  1913, 1956  and  1982  —  not  disastrous  forays 
into  cable  television  and  out  of  wireless,  and  not  even  the  ignominy 
of  being  acquired  by  a  one-time  “baby”  for  what  amounted  to  a  pit¬ 
tance  could  put  a  period  on  the  history  of  the  AT&T  brand.  Now 
that's  a  will  to  live. 

OK,  now  tell  me  what  /  missed.  The  address  is  buzz@nww.com. 
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